Founded in 2010, CLEAR’s mission is to create frictionless experiences. With more than 12+ million members and hundreds of partners across the world, CLEAR’s identity platform is transforming the way people live, work, and travel. Whether it’s at the airport, stadium, or right on your phone, CLEAR connects you to the things that make you, you - making everyday experiences easier, more secure, and more seamless. Since day one, CLEAR has been committed to privacy done right.
As the Senior Security Engineer, you will report to the Head of Corporate Cybersecurity and help establish the security bar for CLEAR's services and infrastructure. You will help take security concerns, defined or nebulous, and create initiatives that CLEAR should prioritize, providing technical direction, oversight, and execution. You're the “go-to” person that other technology and engineering teams turn to when they're not sure how to do something, or when they’re not sure which technology option best suits an initiative. You will help with the development, deployment, and operations of security tools. You will regularly partner with the various Security and Infrastructure teams, identifying opportunities to collaborate and push CLEAR’s technological footing into the future.
The individual fulfilling this role will also provide security solutions around Applications, Infrastructure, Platform, and Cloud Services (IaaS/PaaS/SaaS). A successful candidate must demonstrate a history of producing effective, innovative architectural solutions on an enterprise scale. They will continually evaluate the evolving cybersecurity industry to maintain currency and understanding of the latest innovations.
What You Will Do:
- Designs security reference architectures and associated security principles to support business projects, to include necessary integration points across CLEAR, in accordance with CLEAR security standards and various applicable regulatory and compliance requirements
- Supports assessments of critical security controls for the company’s cloud-based business applications to include recommending security gap remediations based on assessments
- Builds template plans to assist with application migrations into different cloud deployment models
- Evaluates designs and implements new cloud technology and processes to mature security controls
- Designs and develop security architectures for the public (Azure, AWS, GCP) and hybrid clouds
- Works with CLEAR’s various technology organizations to choose appropriate technology solutions and facilitates complete integration into the respective environments
- Participates in the review of design principles and controls relating to third party solution providers
- Maintains currency of new and emerging security threats, security frameworks, and regulations
- Facilitates deployment orchestration and automation with a focus on security
Who You Are:
- At least 6 years of experience in security engineering experience
- Extensive experience in architecting and engineering complex security solutions utilizing and interpreting models to implement company policies, standards globally
- You can bring an initiative from concept to full production deployment while maintaining security and operational excellence throughout the process
- You influence other engineers with your technical depth and collaborative attitude
- Knowledgeable of cybersecurity audit standards/models/frameworks such as ISO27001, NIST, COBIT, DRII CBK, Six Sigma, ITIL, PCI, SOX, FDA, HIPAA, PII, etc.
- Broad technical security skills in multiple areas such as application deployments, endpoints, data, EDR, infrastructure, cloud, DNS, PKI, OS (Windows, MAC, *NIX), SDN, encryption, authentication, firewalls, proxies, identity and access control, vulnerability management, BC/DR, remote access, and cryptography
- Demonstrated experience utilizing one or more cloud technologies such as Azure, AWS, or GCP
- Self-motivated with a strong ability to work and maintain currency in a changing landscape
- Ability to develop and document methods, standards, and guidelines
- Excellent oral and written communication skills
- Undergraduate-level in Computer Science/Cybersecurity or equivalent professional experience
- CISSP and/or CISM
- Citizenship: Not Provided
- Incentives: Not Provided
- Education: Not Provided
- Travel: Not Provided
- Telework: Not Provided