• Conduct research to identify potential weaknesses and security vulnerabilities in C / C++ and C# / .NET applications as well as others as the need arises. • Describe vulnerabilities and potential exploits, and produce proofs of concept and representative examples to aid engineering teams in building product capabilities • Engage in binary and source static analysis/reverse-engineering of applications • Conduct research to improve automation, accuracy, and efficiency of detection techniques and related systems, using both our own proprietary software as well as open-source tools. • Contribute expertise to Veracode’s customer- and public-facing documentation to ensure information is current, accurate, and actionable • Mentor and provide technical guidance to developers and researchers • Actively participate in the software security community by attending and presenting at industry conferences, conducting and publishing original research, contributing articles to the Veracode blog and/or trade blogs and magazines, etc.

• Develop, implement, and maintain a comprehensive, long-term, global information security strategy aligned with business objectives and risk tolerance. • Refine and enforce security policies, standards, and procedures across the organization. • Report on the organization's security posture and risk profile to the executive team and the Board of Directors. • Establish and lead the security operations center (SOC) and incident response teams. • Develop and execute an incident response plan to ensure swift detection, containment, and recovery from security breaches. • Oversee the management of security technologies. • Provide strategic direction for the design and implementation of secure enterprise and cloud infrastructure. • Stay current with emerging cybersecurity threats, technologies, and best practices. • Evaluate and recommend new security technologies and services to enhance the organization's defenses. • Lead the identification, assessment, and mitigation of security risks and vulnerabilities. • Ensure the organization's compliance with relevant industry standards and regulatory frameworks (e.g., GDPR, HIPAA, ISO 27001, SOX). • Manage and assess the security risks associated with third-party vendors and partners. • Continue hardening vendor risk management program to ensure supply chain security. • Mentor, and lead a high-performing information security team. • Continue fostering a culture of cybersecurity awareness across all departments through training and communication programs. • Maintain strong working relationships with cross-functional teams, including DevOps, IT, Legal, Privacy, Engineering, Data and integrate security into business processes.

• Collaborate with engineering and product on improving existing and building new product features with focus on threat modeling, assurance and secure implementation, some examples of recent work include implementation of secure key management, passwordless authentication, m2m authentication, sandboxing and compute/network/storage isolation • Identify security gaps and vulnerabilities in ClickHouse Cloud and OSS, triage a wide range of vulnerabilities reported via our bug bounty program, responsible disclosure, GitHub Issues covering web, API and server - client assets including low level memory issues like heap or buffer overflows • Improve and develop security assurance activities - pentests, vulnerability assessments, bug bounty programs, fuzzing • Drive implementation and usage of engineering security tools - static, dynamic code analysis, dependency checks, code licensing compliance (working knowledge of Snyk, Semgrep, GitHub CodeQL) • Nurture the engineering - security relationship, identify and implement process and technology improvements • Handle information security events and incidents across ClickHouse products and services • Develop processes, tooling and automation to scale security processes and mitigate risks to the business.

• Engage students in an asynchronous and inclusive learning environment by providing guidance and resources in a pre-developed online course. • Prioritize Student Engagement – Work with students by responding within set timeframes and reaching out proactively to students needing additional support. • Recognize student needs holistically and connect them with resources. • Encourage participation, collaboration, and strong faculty-student relationships to enhance learning and build skills. • Share Expertise and Resources – Stay current in your field of expertise, share your experience, and recommend relevant supplementary materials to enhance student understanding of course content. • Find accessible ways to explain complex topics. • Offer Feedback & Assessment – Evaluate student work and provide individualized, constructive feedback within set timeframes to promote growth and mastery of course outcomes. • Facilitate Discussions – Encourage student interaction through active participation in online discussions while fostering an inclusive, engaging, and respectful environment that promotes open dialogue and diverse perspectives.