Job Closed
This listing is no longer active.
Security for Cloud-Native Application Development
Senior Security Researcher
Location
Massachusetts
Posted
118 days ago
Salary
0
Seniority
Senior
Job Description
Senior Security Researcher
Veracode
- Conduct research to identify potential weaknesses and security vulnerabilities in C / C++ and C# / .NET applications as well as others as the need arises.
- Describe vulnerabilities and potential exploits, and produce proofs of concept and representative examples to aid engineering teams in building product capabilities
- Engage in binary and source static analysis/reverse-engineering of applications
- Conduct research to improve automation, accuracy, and efficiency of detection techniques and related systems, using both our own proprietary software as well as open-source tools.
- Contribute expertise to Veracode’s customer- and public-facing documentation to ensure information is current, accurate, and actionable
- Mentor and provide technical guidance to developers and researchers
- Actively participate in the software security community by attending and presenting at industry conferences, conducting and publishing original research, contributing articles to the Veracode blog and/or trade blogs and magazines, etc.
Job Requirements
- 2+ years of practical reverse-engineering or binary static-analysis experience, including familiarity with Abstract Syntax Trees (AST), reflection, or other code transformation approaches; compilers and associated tooling; and decompilers, disassemblers, and/or debuggers used in binary analysis
- 1+ years of practical application security experience, such as source code auditing, penetration testing, product assessment, vulnerability research
- The ability to enter a “breaker” mentality – Veracode is defensively-oriented, but our research requires an offensive mindset, including the ability to assess the attack surface of a piece of software.
- Prototyping ability – must be comfortable producing “quick and dirty hacks” to demonstrate a concept or solve a one-off problem
- Strong professional skills:
  - Attention to detail as part of a commitment to quality
  - Analytical and organizational capability for advocating, planning, and executing projects independently
  - Ability to understand technical and security issues from a customer's point of view
  - Strong written and verbal communication ability in English, especially technical writing for a developer audience.
Benefits
- Outstanding Medical, Dental, and Vision Coverage to meet all your healthcare needs.
- Wellness benefits to help you focus on what’s most important.
- “Take What You Need” time off policy.
- Extensive development and training offerings to help you grow your career at Veracode.
- Generous 401k match to help save for your future.
- Amazing community of professionals who take pride in what we do every day.
More Security Engineer Jobs
VP of Information Security
Lyra Health
Transforming behavioral health through technology with a human touch
- Develop, implement, and maintain a comprehensive, long-term, global information security strategy aligned with business objectives and risk tolerance.
- Refine and enforce security policies, standards, and procedures across the organization.
- Report on the organization's security posture and risk profile to the executive team and the Board of Directors.
- Establish and lead the security operations center (SOC) and incident response teams.
- Develop and execute an incident response plan to ensure swift detection, containment, and recovery from security breaches.
- Oversee the management of security technologies.
- Provide strategic direction for the design and implementation of secure enterprise and cloud infrastructure.
- Stay current with emerging cybersecurity threats, technologies, and best practices.
- Evaluate and recommend new security technologies and services to enhance the organization's defenses.
- Lead the identification, assessment, and mitigation of security risks and vulnerabilities.
- Ensure the organization's compliance with relevant industry standards and regulatory frameworks (e.g., GDPR, HIPAA, ISO 27001, SOX).
- Manage and assess the security risks associated with third-party vendors and partners.
- Continue hardening vendor risk management program to ensure supply chain security.
- Mentor and lead a high-performing information security team.
- Continue fostering a culture of cybersecurity awareness across all departments through training and communication programs.
- Maintain strong working relationships with cross-functional teams, including DevOps, IT, Legal, Privacy, Engineering, and Data, and integrate security into business processes.
Product Security Engineer
ClickHouse
ClickHouse, Inc. is a database management system that allows users to generate analytical reports using real-time SQL queries. The company’s technology works
- Collaborate with engineering and product on improving existing and building new product features with focus on threat modeling, assurance and secure implementation, some examples of recent work include implementation of secure key management, passwordless authentication, m2m authentication, sandboxing and compute/network/storage isolation
- Identify security gaps and vulnerabilities in ClickHouse Cloud and OSS, triage a wide range of vulnerabilities reported via our bug bounty program, responsible disclosure, GitHub Issues covering web, API and server - client assets including low level memory issues like heap or buffer overflows
- Improve and develop security assurance activities - pentests, vulnerability assessments, bug bounty programs, fuzzing
- Drive implementation and usage of engineering security tools - static, dynamic code analysis, dependency checks, code licensing compliance (working knowledge of Snyk, Semgrep, GitHub CodeQL)
- Nurture the engineering - security relationship, identify and implement process and technology improvements
- Handle information security events and incidents across ClickHouse products and services
- Develop processes, tooling and automation to scale security processes and mitigate risks to the business.
Online Adjunct Faculty – Cybersecurity
SNHU Careers
At SNHU, we do life-changing work, and not just for our students. Find out how your life can change, too.
- Engage students in an asynchronous and inclusive learning environment by providing guidance and resources in a pre-developed online course.
- Prioritize Student Engagement – Work with students by responding within set timeframes and reaching out proactively to students needing additional support.
- Recognize student needs holistically and connect them with resources.
- Encourage participation, collaboration, and strong faculty-student relationships to enhance learning and build skills.
- Share Expertise and Resources – Stay current in your field of expertise, share your experience, and recommend relevant supplementary materials to enhance student understanding of course content.
- Find accessible ways to explain complex topics.
- Offer Feedback & Assessment – Evaluate student work and provide individualized, constructive feedback within set timeframes to promote growth and mastery of course outcomes.
- Facilitate Discussions – Encourage student interaction through active participation in online discussions while fostering an inclusive, engaging, and respectful environment that promotes open dialogue and diverse perspectives.
Security Engineer
PermitFlow
Construction permit application and management software. Faster and easier permitting for builders.
- Architect, design, and implement secure, compliant, scalable, and cost-efficient infrastructure solutions to protect a rapidly growing product.
- Lead the execution and maintenance of our SOC2 compliance program and other security-related certifications.
- Design, implement, and audit Role-Based Access Controls (RBAC), Identity and Access Management (IAM), and secrets management systems.
- Design and implement security best practices for backend, frontend services, APIs, and data pipelines.
- Own security features end-to-end, from architecture and implementation to testing and production deployment.
- Develop and maintain security automation, Infrastructure as Code, and secure CI/CD pipelines.
- Implement and manage security monitoring, threat detection, and vulnerability management across our cloud infrastructure.
- Establish and enforce security best practices for authentication, authorization, logging, and alerting.
- Lead and participate in incident response, troubleshooting complex security issues and driving postmortem learning and improvements.
- Collaborate across engineering teams to embed security into the software development lifecycle and balance compliance, velocity, and cost.




