
Senior Security Automation Engineer
Posted 1 day ago

Posted 1 day ago
This is a fully remote position, open to applicants in United States.
• Develop the Security Telemetry and Risk Fabric.
• Control Design: Transform control frameworks into multi-layered implementations that mitigate risks and identify potential weaknesses within control design. Transition from reactive monitoring to proactive self-healing security, addressing compliance drift before it leads to audit findings.
• Security Telemetry: Design a centralized security telemetry system that programmatically captures control evidence and health in real-time, moving from manual snapshots to continuous data streams for a constant overview of our security posture.
• Custom Assurance Logic: Create specialized automation that functions as a continuous audit mechanism to reduce findings and deliver real-time insights into our automated control efficacy. Expand visibility into our proprietary applications and intricate internal workflows, ensuring our most essential controls are consistently validated.
• Agentic Risk Engine: Collaborate with our risk management team to develop a secure method for generating agentic risk assessment workflows utilizing the data and outcomes from the collected information.
• Architect Universal Identity and Access Automation.
• Universal Provisioning Connectors: Design solutions for systems lacking native IGA support (such as proprietary databases, custom applications, and niche SaaS) to facilitate immediate account creation and de-provisioning—removing the need for tickets, wait-times, and enhancing visibility into the status of Clickhouse identities.
• Customer-Approved Access Workflows: Design intricate, high-trust workflows essential for support teams to access customer-specific instances, ensuring actions are customer-approved, strictly time-sensitive, and automatically revoked following a "Trust-by-Design" model.
• Centralized Security Visibility: Transform "hidden" access managed by various business units into a unified, observable permissions inventory, achieving complete visibility into permissions at the authZ level across our comprehensive suite of applications.
• Automated Secret Discovery & Inventory: Create automation to perpetually discover and inventory secrets, credentials, and API keys throughout the environment, providing aging and rotation schedules for long-lived keys.
• Eliminate "Ghost Accounts": Reduce audit risks by ensuring automated de-provisioning of local identities, API keys, and persistent permissions across all target systems.
• Collaborate Across Security, Engineering, and Product.
• Strong practical experience in security automation and identity engineering (IAM/IGA).
• Proficient in at least one widely used programming language to develop scalable automation. Required experience in Python, JavaScript (TypeScript highly preferred), or Go.
• Experience in building scalable and dependable automation ecosystems.
• Familiarity with compliance automation, continuous control monitoring, and adapting GRC tools to fulfill the detailed requirements of various compliance frameworks.
• Understanding of risks linked to change management, logical access, and data integrity.
• Flexible work environment - ClickHouse is a globally distributed, remote-friendly company operating in over 20 countries.
• Healthcare - Employer contributions towards your healthcare expenses.
• Equity in the company - All new team members receive stock options upon joining.
• Time off - Flexible time off policy in the US, with generous entitlements in other countries.
• A $500 home office setup for remote employees.
• Global Gatherings – We value the importance of in-person connections and offer opportunities for engagement with colleagues at company-wide offsite events.
OnePlan
NVIDIA
XpertGroup
ABB
Get handpicked remote jobs straight to your inbox weekly.