Senior Security Automation Engineer

USD 125,000-205,000 per year
SENIOR
✅ Remote

Used Tools & Technologies

Not specified

Required Skills & Competences

Security @ 4 TypeScript @ 4 Python @ 4 JavaScript @ 4 API @ 4 Audit @ 4 Compliance @ 4 Observability @ 4 AI @ 4 ClickHouse @ 4 Change Management @ 4

Details

About ClickHouse

Recognized on the 2025 Forbes Cloud 100 list, ClickHouse is one of the most innovative and fast-growing private cloud companies. With more than 3,000 customers and ARR that has grown over 250 percent year over year, ClickHouse leads the market in real-time analytics, data warehousing, observability, and AI workloads.

The Security organization at ClickHouse is built around a single mission: build customer trust through resilient, pragmatic security. We are establishing a new, centralized Security Automation capability — a dedicated function responsible for delivering automation work across all product lines and engineering dimensions at ClickHouse, acting as a technical force multiplier for our Security, Identity, and GRC functions.

Role overview

You will be an experienced Senior Security Automation Engineer responsible for building the underlying automation fabric that allows Security teams to scale. You will build a Universal Provisioning Engine and custom integration layers to satisfy external auditors while keeping internal teams focused on shipping features. The role focuses on continuous compliance, identity provisioning automation, security telemetry, and extending compliance tools into proprietary applications.

Location: United States (remote)

Responsibilities

Build the Security Telemetry and Risk Fabric

  • Translate control frameworks into layered control implementations to prevent and detect risks.
  • Engineer a centralized security telemetry system to capture control evidence and health in real-time (continuous data streams vs manual snapshots).
  • Implement custom assurance logic that acts as a continuous audit to minimize findings and provide real-time insights into automated control performance.
  • Partner with risk management to build mechanisms for agentic risk assessment workflows.

Architect Universal Identity and Access Automation

  • Architect universal provisioning connectors for systems that lack native IGA support (proprietary databases, custom apps, niche SaaS) to enable automated account creation and de-provisioning.
  • Design high-trust, customer-approved access workflows for support teams with time-bound, automatically revoked access.
  • Centralize visibility for permissions to create a single observable permissions inventory across applications.
  • Develop automation for continuous discovery and inventory of secrets, credentials, and API keys with aging and rotation tracking.
  • Ensure automated de-provisioning to eliminate ghost accounts and persistent permissions across target systems.

Partner Across Security, Engineering, and Product

  • Work with GRC, Finance, and Security to build custom, robust automation to meet different audit frameworks.
  • Reduce manual provisioning workflows that create operational friction and interrupt engineering teams.

Requirements

Security & Automation Engineering Depth

  • Strong hands-on background in security automation and identity engineering (IAM/IGA).
  • Strong proficiency in at least one commonly used programming language to build scalable automation. Experience with Python, JavaScript (TypeScript highly preferred), or Go is required.
  • Experience building scalable and reliable automation ecosystems.
  • Familiarity with compliance automation, continuous control monitoring, and extending GRC tools to satisfy compliance frameworks.
  • Understanding of risks associated with change management, logical access, and data integrity.

Execution and Delivery

  • Demonstrated ability to translate complex security/GRC mandates into automated workflows and self-healing guardrails.
  • Strong instincts for eliminating operational friction and reducing engineering interruptions.
  • Experience delivering continuous data streams for security posture and risk validation.

Bonus

  • BS, MS, or PhD in Computer Science or related field.
  • Previous experience at a cloud infrastructure, database, or developer tools company.
  • Experience with AI/agentic risk engines and non-deterministic risk assessments.

Compensation

  • Typical US starting salary: $125,000 - $174,000 USD
  • Typical US Premium Markets starting salary (e.g., San Francisco Bay Area, New York City Metro): $157,000 - $205,000 USD

These ranges reflect the employer's current view of minimum and maximum pay for this role; actual compensation may vary based on experience, qualifications, location, and other factors.

Perks

  • Flexible work environment (globally distributed and remote-friendly).
  • Employer contributions towards healthcare.
  • Equity (stock options) for new employees.
  • Flexible time off in the US; generous entitlement in other countries.
  • $500 home office setup for remote employees.
  • Global gatherings and company-wide offsites.

Equal Opportunity & Privacy

ClickHouse provides equal employment opportunities and prohibits discrimination and harassment. For the applicant privacy statement, see the company's privacy notice link in the original posting.

More jobs at ClickHouse

Similar jobs