Job Closed
This listing is no longer active.
Procter & Gamble, or P&G, is the parent company behind some of the world's most recognizable household and personal care brands. The company was established in
Information Security Director – Governance, Risk, and Compliance (GRC)
Location
Ohio
Posted
178 days ago
Salary
$160K - $220K / year
Seniority
Lead
Job Description
Procter & Gamble
- Maintain and evolve the information security policy framework and controls
- Manage the enterprise risk management process including risk identification
- Ensure compliance with applicable regulations and frameworks
- Collaborate cross-functionally with IT, Legal, Privacy, and Business Operations teams
Job Requirements
- Bachelor's degree in Computer Science, Cybersecurity or related field
- 8+ years of experience in Governance, Risk, and Compliance
- In-depth knowledge of major security frameworks (e.g., NIST CSF, ISO 27001)
- Experience conducting risk assessments, audits, and control testing
- Strong understanding of regulatory compliance requirements (e.g., GDPR, HIPAA, SOX)
- Proven ability to write policies and communicate clearly to stakeholders
- Ability to influence and build relationships with stakeholders
- English fluency (speak, write, and read)
Benefits
- Total rewards at P&G include salary + bonus (if applicable) + benefits.
More Security Engineer Jobs
Product Security Engineer
ClickHouse
ClickHouse, Inc. is a database management system that allows users to generate analytical reports using real-time SQL queries. The company’s technology works
- Collaborate with engineering and product on improving existing and building new product features with focus on threat modeling, assurance and secure implementation, some examples of recent work include implementation of secure key management, passwordless authentication, m2m authentication, sandboxing and compute/network/storage isolation
- Identify security gaps and vulnerabilities in ClickHouse Cloud and OSS, triage a wide range of vulnerabilities reported via our bug bounty program, responsible disclosure, GitHub Issues covering web, API and server - client assets including low level memory issues like heap or buffer overflows
- Improve and develop security assurance activities - pentests, vulnerability assessments, bug bounty programs, fuzzing
- Drive implementation and usage of engineering security tools - static, dynamic code analysis, dependency checks, code licensing compliance (working knowledge of Snyk, Semgrep, GitHub CodeQL)
- Nurture the engineering - security relationship, identify and implement process and technology improvements
- Handle information security events and incidents across ClickHouse products and services
- Develop processes, tooling and automation to scale security processes and mitigate risks to the business
Senior Cybersecurity Engineer
Mindvalley
The Future of Education - Mindvalley Membership lets you access the best coaches, training and programs on the planet
- Lead design, deployment, and tuning of Mindvalley’s cybersecurity tooling (SIEM, CSPM, vulnerability scanners, endpoint detection, and SaaS monitoring).
- Manage and optimize GCP Security Command Center, Google Workspace, Okta/Auth0, and integrations across the SaaS ecosystem.
- Automate detection and response using scripting / automation tools.
- Operate the full lifecycle of vulnerability management. Discovery, triage, remediation coordination, validation, and metrics reporting.
- Perform targeted penetration tests and purple-team simulations against high-value assets.
- Correlate findings across multiple tools and automate risk reporting dashboards.
- Continuously harden GCP configurations, GWS configurations and CI/CD pipelines.
- Build secure defaults and reusable controls for Engineering teams (e.g., API authentication patterns, secret management, encryption policies).
- Partner with Product and AI Innovation teams to embed secure development practices and data protection into new services.
- Administer and optimize Okta/Auth0, ensuring robust identity governance, adaptive MFA, and automation of joiner–mover–leaver workflows.
- Review and harden access policies across Google Workspace, GitHub, Slack, and internal apps.
- Design alert enrichment, automated ticket creation, and response playbooks.
- Act as incident commander for security incidents, coordinating detection, containment, and recovery.
- Maintain runbooks, logging pipelines, and retrospectives that feed back into continuous improvement.
- Support audits, vendor security assessments, and risk management processes.
- Maintain key security KPIs and dashboards for leadership reporting.
- Enable and guide teams to adopt DevSecOps practices, ensuring security is built into CI/CD and infrastructure pipelines through shared standards, tooling, and best practices.
- Work with IT Manager on company identity and access management: IdP configuration, user/group organization, and automation via cross-platform synchronization and SAML.
- Administer and automate GitHub Enterprise and JFrog management (users, teams, org policies, and compliance) using IaC.
- Operate and tune SIEM, DLP, and centralized logging systems; define and maintain detection and alerting rules.
- Review audit logs and security telemetry across cloud, SaaS, and developer systems for anomalies and compliance issues.
- Work with IT Manager to build automated onboarding/offboarding and access reviews aligned with least-privilege principles.
- Collaborate with platform, product, and engineering teams to design secure-by-default workflows, infrastructure, and deployment practices, ensuring consistent security controls across products.
- Conduct risk assessments, tabletop exercises, and threat simulations in concert with engineering and operations teams, ensuring security readiness is collaborative and integrated.
- Lead and coordinate penetration testing efforts, including scoping, vendor engagement, and remediation tracking.
- Support SOC 2 and related compliance efforts through control validation and evidence collection.
- Help respond to and complete customer and vendor security questionnaires, collaborating with compliance and engineering teams to ensure accurate and timely answers



