At ClickHouse, we believe that Culture is above all being shaped and nurtured by our colleagues. It’s the way that we interact, work with each other, communicate and help each other learn along the way. Instead of stating what we think our culture should be in principle, we prefer to share our team members’ views and direct experiences of what it’s really like to work at ClickHouse: positives and challenges included.
In a series of spotlights, some of our team members kindly share what matters to them and how they find working at ClickHouse.
This month, we’ve had the opportunity to chat with San Tran, Application Security Engineer based in Australia. We’re very grateful to San for all his contributions and collaboration with the team on security topics, as well as his creativity and flexibility in making the difference in timezone work for him, his family and colleagues!
We’re also delighted that 2 months into his role as a Detection and Incident Response Security Engineer, San agreed to pursue career growth by changing his job title and focus to Application Security. We can’t wait to see his career continuing to grow with ClickHouse.
One of the themes that comes up in San’s post is an extremely important part of team work: how to make our contribution as helpful as possible to others and not be a “blocker”. The way that San thinks of his area of work and his proactive efforts to make it resonate with the team is a great example of how we can empower others through our own work.
When I work with others or asked to provide advice on security topics, I often go the extra mile in doing research or experimenting in my local lab to make sure I fully understand the problem statement and the options we have. By giving clear explanations about vulnerabilities & risks through threat modeling and the different solutions to address these issues, It changes the narrative that is often being misunderstood from "This is what you must do" to "Let's discuss and find the best approach to solve this problem".
What do you do at CH and how do you like to work with others across a distributed team?
I'm an Application Security Engineer at ClickHouse and I love sharing my passion about security with others. My daily tasks can vary due to the nature of my work, sometimes I am involved in big async discussions over github issues, slack, google doc about product features and security, other times, I would put my head down and focus on deploying or building security tools to protect our organisation. Being one of the only two people in the company who live in a completely different timezone from the rest has its challenges at first but with the way we work at ClickHouse, I have always felt included. Most important meetings are recorded and can easily be watched at my own convenience and the flexible working hours mean I can spend more time with my kids when they are back from school or on holiday and get more work done after they go to bed early in the night. Working at ClickHouse is not about 9 to 5, it is about having a good work life balance, managing your own time and getting sh** done.
What do you do outside of ClickHouse: any passions or hobbies?
Being a dad of two young boys, I enjoy spending most of my time with them when I'm not working. It is fun to watch my kid learning to program on embedded devices, doing fun science experiments or going for a bush walk. In other words, parenting is my hobby at the moment and I absolutely enjoy it.
What do you care most about when working with other team members?
First and foremost, I don't want to be a blocker. Depending on the organisation and the people you work with, Security can be a tough topic. Luckily for me, everyone at ClickHouse takes security very seriously and it doesn't take any effort to convince them how to make things more secure. It's not the "We can't do that" mentality I often saw in the past but rather "How can we make it better". Of course, there will be time when the Security team pulls the plug and stops bad security practices but I have yet to do it at ClickHouse.
When I work with others or asked to provide advice on security topics, I often go the extra mile in doing research or experimenting in my local lab to make sure I fully understand the problem statement and the options we have. By giving clear explanations about vulnerabilities & risks through threat modeling and the different solutions to address these issues, It changes the narrative that is often being misunderstood from "This is what you must do" to "Let's discuss and find the best approach to solve this problem".
What makes CH a special place to be, in your opinion?
The people, the blameless culture, the flexible working hours - It makes me feel like we are just one big family. Those are 100% true but being someone working in tech, I'm most attracted to the technology - the more I learn about ClickHouse itself, the more I find it fascinating and wonderful. We are also working on some cool challenges that you don't get to experience anywhere else unless major big tech companies like FAANG. I'm proud to work alongside many seasoned developers who spent many years building cloud-scale products.
Every job or company also has challenges: what are your challenges at ClickHouse right now?
Technology evolves so rapidly and what you learn today will become obsolete in just a few months. Given that security covers everything from the bits being stored on disk or the neighbouring bits (side channel attack, i'm looking at you), the network infrastructure to the javascript running in users' browser, It is always a challenge when I join any company to get myself up to speed with everything going on and every bit of technology being used. This is even more so when my work is in application security engineering, where deep knowledge of our system is the key to solve these problems now and in the future.
Any photos you want to share?
This is picture of me and my boys ;)
