ClickHouse

Principal Product Manager, Security & Compliance

ClickHouse · United States

Software Development · 501-1,000 employees

20 h ago
Principal (10+ yrs) Full-time United States
Log in to apply, save this posting, or score it against your profile with AI.

About the role

Lead the strategy for FedRAMP certification and the expansion of Sovereign Cloud offerings in regulated sectors. Define product architectures for restricted environments and ensure compliance with global security and data residency requirements.

What they look for

Product Management Cloud Security FedRAMP Compliance Sovereign Cloud Strategy Data Residency IAM Encryption Audit Logging Cloud Architecture Regulatory Compliance Cross-functional Leadership Enterprise SaaS

Requirements

Requires 8+ years of product management experience with at least 3 years focused on cloud security or enterprise SaaS compliance. Must have deep expertise in FedRAMP requirements and cloud architectures across AWS, GCP, and Azure.

Full description

We are seeking a high-impact Principal Product Manager to lead ClickHouse’s strategy for highly regulated sectors, specifically focusing on FedRAMP compliance and the global expansion of our Sovereign Cloud offerings. As ClickHouse Cloud scales to support the world’s largest enterprise and public-sector customers, you will be responsible for ensuring our platform meets the most stringent security, isolation, and data residency requirements.

This role sits at the intersection of product strategy, security engineering, and compliance. You will own the roadmap for achieving FedRAMP certification and define the product architecture for deployment in restricted environments like the European Sovereign Cloud (ESC) and the Kingdom of Saudi Arabia (KSA).

FedRAMP & Compliance Leadership

  • Define and execute the multi-year roadmap to achieve FedRAMP Moderate certification and, eventually, FedRAMP High certification for ClickHouse product offerings.
  • Partner with engineering and the compliance team to ensure product capabilities support SOC 2, ISO 27001, HIPAA, PCI and other frameworks.
  • Translate complex federal security requirements into actionable product specifications for Identity and Access Management (IAM), encryption, and audit logging, personnel access.
  • Serve as the primary product nominee for FIPS compliance modules and government-specific licensing models.

Sovereign Cloud & Regional Expansion

  • Lead the product strategy for the European Sovereign Cloud (ESC) and KSA regions, navigating prerequisites including legal, partnership (e.g., CNTXT), and infosec requirements.
  • Define data residency and personnel control requirements (e.g., in-country staff, cleared personnel) to support organizational data sovereignty.
  • Collaborate with AWS, Microsoft Azure and Google Cloud on specialized deployment packages like Assured Workloads for restricted jurisdictions.

Qualifications

  • Experience: 8+ years of product management experience, with at least 3 years deeply focused on cloud security, infrastructure, or enterprise SaaS compliance.
  • Domain Expertise: Deep understanding of FedRAMP (Moderate/High) requirements and the process of achieving certification for a multi-tenant cloud service.
  • Technical Depth: Strong grasp of cloud architectures (AWS, GCP, Microsoft Azure), including VPC peering, private endpoints, encryption (BYOK/KMS), and multi-tenant security.
  • Regulatory Knowledge: Familiarity with global data sovereignty trends and regulations such as GDPR, and their impact on cloud region strategy.
  • Communication: Exceptional ability to explain complex compliance and technical concepts to both engineering teams and executive stakeholders.
  • Leadership: Proven track record of working cross-functionally across legal, security, operations, and sales to launch products in regulated markets.

Bonus Qualifications

  • Prior experience securing a data platform, database product, or real-time analytics service.
  • Experience commercializing open-source technologies for enterprise-grade deployments.