
Description
Core Responsibilities:
• Workflow Orchestration: Design automated playbooks for common security scenarios (e.g., phishing triage, host isolation, user offboarding) using code or logic flows.
• API Integration: Build custom connectors to link disparate systems (e.g., SIEM, EDR, Ticketing Systems) via REST/gRPC APIs.
• ChatOps: Develop bots for internal collaboration platforms (e.g., Slack/Teams) to enable self-service security tasks.
• AI-Driven Triage: Implement Generative AI workflows to autonomously parse tickets, summarize alerts, and extract Indicators of Compromise (IoCs).
Must-Have Skills:
• Scripting & Coding: Strong proficiency in Python or Golang with a focus on API interaction and data processing.
• Integration Patterns: Expert understanding of Webhooks, RESTful design, and authentication methods (OIDC/OAuth/API Keys).
• Operational Logic: Experience with SOAR concepts (Logic Apps, Serverless Functions, or Workflow Engines) to automate decision trees.
• Security Context: Understanding of the Incident Response lifecycle and standard data formats (JSON, YAML).
Preferred / Nice to Have:
• Experience with ITSM platforms (e.g., ServiceNow/Jira) for automated ticketing.
• Frontend knowledge (JS/TS) for building simple internal dashboards or Browser Extensions.
• Experience with Containerization (Docker) for deploying automation scripts.

Clearwater serves a diverse and growing base of customers across the healthcare ecosystem, including several of the nation’s largest health systems as well as a large universe of regional hospitals, physician practice management groups, digital health and other healthcare technology companies, medical device manufacturers, and business service providers. Our mission is to help those organizations move to a more secure, compliant, and resilient state so they can achieve their mission.