Events  Classes  Jobs 
    Sign in  
 
 
CLEAR // biometric identity platform
 
Engineering, Full Time    New York City, United States    Posted: Saturday, May 02, 2020
 
   
 
Apply To Job
 
 
JOB DETAILS
 

CLEARs mission is to strengthen security & create frictionless experiences for consumers. We believe you are you & by using your biometrics - your fingerprints, eyes, & face - we keep you moving.Imagine a world where you can do virtually everything you need to breeze through the airport, buy a beer at the game, check-in at the doctors office, access your office building, & more without ever pulling out your wallet or phone. Now in 60+ airports & other venues nationwide, you are your ID, credit card, ticket, reservation & more with CLEAR.

Were defining & leading an entirely new industry, obsessing over our customers, & investing in great people to lead the way. Recently named on CNBCs Disruptor 50 List & winner of the SXSW Interactive Innovation Award, we're working tirelessly to create frictionless customer experiences for our 4+ million members across the country.

We are looking for a Application Security Engineer to join our growing team! As an Application Security Engineer, you will have the opportunity to take your penetration & overall application security testing to the next level! Our team performs everything from biometric & Web security testing to remediation, as well as creating automated security products, enabling stakeholders across CLEAR to deliver secure software.


What You Will Do:

  • Partner with teams & deliver security risk assessments, manual penetration security testing, automate security testing, threat modeling, & education on secure coding.
  • Deliver security products & consult with DevOps, as part of a high-profile security team, supporting automated security testing as part of CLEARs next generation CI/CD pipelines
  • Lead internal & external penetration tests across CLEARs most critical assets, as well as triage issues with internal stakeholders for remediation.
  • Create functional & non-functional security requirements, including delivering secure cloud services, that strike a balance of product usability.

Who You Are:

  • 2+ year of experience in software development & implementing security into SDLC processes.
  • 2+ years experience (in excess of degree requirements). Minimum 2 years relevant architecture experience with expert level knowledge of application systems design & integration.
  • Comprehensive knowledge, experience, & understanding of testing for the OWASP Top 10, WASC TCv2, & CWE 25, including PoCs, automating attacks, & secure code remediation.
  • Excellent interpersonal communication skills, breaking down vulnerabilities to both developers & leadership.
  • Personal passion for security & cutting edge security concepts.

Required Skills:

  • Strong understanding of Software Security Architecture & Design, SDLC, CI/CD, & the ability to clearly articulate best practices for application security.
  • Experience writing in one or more of the following programming languages: C/C++, Java, Ruby, Python, & JavaScript.
  • Evaluate, deploy, & manage application security tools (e.g. DAST, SAST, IAST, RASP, WAF) & build strong vendor relationships.
  • Experience or knowledge with a cloud provider(s) (Amazon Web Services, Microsoft Azure, or Google Cloud)
  • Previous application security testing or Incident Response (IR) experience, including presenting & documenting vulnerabilities, findings or incidents.
  • Ability to listen for nuances, dig into details in order to understand systems deeply, & articulate technical details & risks to business leaders.
  • Familiarity with one or more industry standards & regulations such as PCI, NIST 800-53, FedRAMP & ISO27001.

Desirable Skills:

  • Strong programming & scripting experience in C#, C++. Java, Python, BASH, Go, or something similar.
  • Participates in CTFs or actively contributes to the security community through exploitation development.
  • Bachelor's degree or higher in Computer Science.
 
 
 
Apply To Job
 
 
 
 
 
© 2020 GarysGuide      Terms