Founded in 2010, CLEARs mission is to create frictionless experiences. With more than 12+ million members & hundreds of partners across the world, CLEARs identity platform is transforming the way people live, work, & travel. Whether its at the airport, stadium, or right on your phone, CLEAR connects you to the things that make you, you - making everyday experiences easier, more secure, & more seamless. Since day one, CLEAR has been committed to privacy done right.
As the Senior Security Engineer, you will report to the Head of Corporate Cybersecurity & help establish the security bar for CLEAR's services & infrastructure. You will help take security concerns, defined or nebulous, & create initiatives that CLEAR should prioritize, providing technical direction, oversight, & execution. You're the go-to person that other technology & engineering teams turn to when they're not sure how to do something, or when theyre not sure which technology option best suits an initiative. You will help with the development, deployment, & operations of security tools. You will regularly partner with the various Security & Infrastructure teams, identifying opportunities to collaborate & push CLEARs technological footing into the future.
The individual fulfilling this role will also provide security solutions around Applications, Infrastructure, Platform, & Cloud Services (IaaS/PaaS/SaaS). A successful candidate must demonstrate a history of producing effective, innovative architectural solutions on an enterprise scale. They will continually evaluate the evolving cybersecurity industry to maintain currency & understanding of the latest innovations.
What You Will Do:
- Designs security reference architectures & associated security principles to support business projects, to include necessary integration points across CLEAR, in accordance with CLEAR security standards & various applicable regulatory & compliance requirements
- Supports assessments of critical security controls for the companys cloud-based business applications to include recommending security gap remediations based on assessments
- Builds template plans to assist with application migrations into different cloud deployment models
- Evaluates designs & implements new cloud technology & processes to mature security controls
- Designs & develop security architectures for the public (Azure, AWS, GCP) & hybrid clouds
- Works with CLEARs various technology organizations to choose appropriate technology solutions & facilitates complete integration into the respective environments
- Participates in the review of design principles & controls relating to third party solution providers
- Maintains currency of new & emerging security threats, security frameworks, & regulations
- Facilitates deployment orchestration & automation with a focus on security
Who You Are:
- At least 6 years of experience in security engineering experience
- Extensive experience in architecting & engineering complex security solutions utilizing & interpreting models to implement company policies, standards globally
- You can bring an initiative from concept to full production deployment while maintaining security & operational excellence throughout the process
- You influence other engineers with your technical depth & collaborative attitude
- Knowledgeable of cybersecurity audit standards/models/frameworks such as ISO27001, NIST, COBIT, DRII CBK, Six Sigma, ITIL, PCI, SOX, FDA, HIPAA, PII, etc.
- Broad technical security skills in multiple areas such as application deployments, endpoints, data, EDR, infrastructure, cloud, DNS, PKI, OS (Windows, MAC, *NIX), SDN, encryption, authentication, firewalls, proxies, identity & access control, vulnerability management, BC/DR, remote access, & cryptography
- Demonstrated experience utilizing one or more cloud technologies such as Azure, AWS, or GCP
- Self-motivated with a strong ability to work & maintain currency in a changing landscape
- Ability to develop & document methods, standards, & guidelines
- Excellent oral & written communication skills
- Undergraduate-level in Computer Science/Cybersecurity or equivalent professional experience
- CISSP and/or CISM