← Все вакансии/Senior/clickhouse
SeniorOfficeUnited States

Information Security Manager

C
clickhouse
Уровень
Senior
Формат
Office
О роли

Описание вакансии

About the company

This role sits at the intersection of product management, security engineering, compliance, legal, and cloud infrastructure. You will own the information security strategy for regulated cloud offerings, certifications, sovereign cloud deployments, and specialized regional offerings that enable customers to operate ClickHouse in highly restricted environments.

Responsibilities
  • Define and execute the multi-year roadmap for achieving ClickHouse for Government certifications (FEDRAMP, DOD-IL, StateRAMP, CJIS, etc)
  • Partner closely with Security, Engineering, Compliance, Legal, GTM and Operations teams to ensure ClickHouse Cloud meets the requirements of frameworks including SOC 2, ISO 27001/27701, HIPAA, PCI DSS, and government-specific standards (FIPS, Common Criteria / Protection Profile, NIST SP800-171, CMMC, Sec 508/VPAT, DISA STIG)
  • Translate complex regulatory and security requirements into scalable product capabilities across identity and access management (IAM), encryption, key management, audit logging, access controls, and operational security
  • Drive product requirements for FIPS-compliant cryptographic modules and government-specific deployment and licensing models
  • Establish long-term strategy for enterprise security capabilities that support regulated industries worldwide
  • Own the product strategy and roadmap for sovereign cloud offerings, including the European Sovereign Cloud (ESC), Kingdom of Saudi Arabia (KSA), and future sovereign cloud regions
  • Own and deliver long-term Five-Eyes Sovereign Cloud Deployments
  • Define product capabilities that address data residency, personnel access controls, customer-managed encryption, and operational sovereignty requirements
  • Work with cloud providers and strategic partners to enable deployments in restricted and regulated environments, including offerings such as Assured Workloads and sovereign cloud frameworks
  • Partner with legal, compliance, and regional stakeholders to navigate evolving global regulations and regional market requirements
Requirements
  • 8+ years of product management experience, including significant experience building cloud infrastructure, platform, security, or enterprise SaaS products
  • Deep understanding of FedRAMP certification requirements and the challenges of operating compliant multi-tenant cloud services
  • Strong technical understanding of modern cloud architectures across AWS, Azure, and GCP
  • Experience with security domains including IAM, network isolation, private connectivity, encryption, key management systems (KMS/BYOK), audit logging, and access controls
  • Familiarity with global data residency and sovereignty requirements, including GDPR and emerging regional regulatory frameworks
  • Demonstrated success leading complex cross-functional initiatives involving engineering, security, compliance, legal, and GTM teams
  • Strong written and verbal communication skills, with the ability to influence both technical and executive audiences
  • Preferred: Experience with US Government Security and Risk Frameworks (FEDRAMP, DOD IL, RMF, etc); Experience with sovereign clouds, government cloud regions, and regulated industry offerings; Background in databases, data platforms, analytics, or infrastructure software; Experience commercializing open-source technologies for enterprise and government customers; Familiarity with FIPS 140-2/140-3 validation requirements and government procurement processes
  • Bonus: Experience working directly with federal, defense, intelligence, or public-sector customers; Existing security clearance or ability to obtain one
Стек и навыки

С чем работаем