
Senior Security Automation Engineer
ClickHouse is establishing a new, centralized Security Automation capability that acts as a technical force multiplier for its Security, Identity, and GRC functions. As a Senior Security Automation Engineer, you will build the underlying automation fabric that allows Security teams to scale, including a Universal Provisioning Engine and custom integration layers that satisfy external auditors while keeping internal teams focused on shipping features. You will eliminate the engineering interruption tax, give leadership a real-time view of risk posture, and ensure continuous compliance with zero audit surprises.
Responsibilities
- ▹Translate control frameworks into layered control implementations and shift from reactive monitoring to self-healing security that prevents compliance drift
- ▹Engineer a centralized security telemetry system that programmatically captures control evidence and health in real-time
- ▹Engineer custom assurance logic that acts as its own continuous audit function and extends visibility into proprietary applications
- ▹Partner with risk management to build a secure mechanism for agentic risk assessment workflows
- ▹Architect Universal Provisioning Connectors for systems that lack native IGA support (proprietary databases, custom apps, niche SaaS)
- ▹Architect customer-approved, time-bound access workflows for support teams under a Trust-by-Design model
- ▹Transition hidden access into a single, observable permissions inventory with full authZ-level visibility
- ▹Develop automation to continuously discover and inventory secrets, credentials, and API keys, including aging and rotation intervals
- ▹Ensure automated de-provisioning for local identities, API keys, and persistent permissions to eliminate ghost accounts
- ▹Partner across GRC, Finance, Security, Engineering, and Product to build bulletproof compliance automation and remove manual provisioning workflows
Requirements
- ▹Strong hands-on background in security automation and identity engineering (IAM/IGA)
- ▹Strong proficiency in at least one commonly used programming language for scalable automation; experience with Python, JavaScript (TypeScript highly preferred), or Go is required
- ▹Experience building scalable and reliable automation ecosystems
- ▹Familiarity with compliance automation, continuous control monitoring, and extending GRC tools to meet granular requirements of various compliance frameworks
- ▹Understanding of risks associated with change management, logical access, and data integrity
- ▹Demonstrated ability to translate complex security/GRC mandates into automated workflows and self-healing technical guardrails
- ▹Strong instincts for eliminating operational friction and the engineering interruption tax
- ▹Experience delivering continuous data streams for security posture and risk validation
Nice to have
- ▹BS, MS, or PhD in Computer Science or a related field
- ▹Previous experience at a cloud infrastructure, database, or developer tools company
- ▹Experience with AI/agentic risk engines and non-deterministic risk assessments
Soft skills
What we offer
- ▹Flexible, remote-friendly work environment (operating in over 20 countries)
- ▹Employer contributions towards your healthcare
- ▹Equity in the company - stock options for every new team member
- ▹Flexible time off (US) or generous entitlement in other countries
- ▹$500 home office setup for remote employees
- ▹Global gatherings and company-wide offsites
About the company
ClickHouse, recognized on the 2025 Forbes Cloud 100 list, is a fast-growing private cloud company with more than 3,000 customers and ARR growth over 250% year over year, backed by a $400M Series D round. Its Security organization is built around the mission of building customer trust through resilient, pragmatic security.