CLEAR helps create safer, easier experiences everywhere you go. We believe you are you & by using your biometrics your eyes, face, & fingerprints we keep you moving. Imagine a world where you can do virtually everything you need to breeze through the airport, buy a beer at the game, check-in at the doctors office, access your office building, & more without ever pulling out your wallet. CLEAR is currently available in 50+ airports, venues & more. Now with Health Pass, CLEAR securely connects a persons digital identity to multiple layers of COVID-related insights to help reduce public health risk & restore peace of mind.

Were defining & leading an entirely new industry, obsessing over our customers, & investing in great people to lead the way. Recently named on CNBCs Disruptor 50 List for the second year in a row & winner of the SXSW Interactive Innovation Award, CLEAR is providing innovative technology options for businesses & our 5+ million members to help create a safer environment no matter where you go.

CLEAR is seeking an Information Security Cyber Risk Analyst. The right person for this role has a strong drive to solve security challenges within a rapidly expanding environment, & the desire to implement best-in-class security measures using cutting edge technology. This individual will work in Cyber Risk Management, alongside the Security Engineering & Security Operations teams, partnering heavily with infrastructure & devops teams in a cloud native environment. This individual will have solid experience in cyber & IT risk assessment, vendor risk management, information assurance & controls assessments, & IT regulatory compliance.

What You Will Do:

• Perform risk assessment & risk mitigation analyses & ensure cyber risks are appropriately managed within risk appetite tolerance & limits
• Perform technical risk assessments on CLEAR information systems using established processes
• Perform compliance assessments & security controls testing in alignment with governing frameworks (FISMA, HIPAA, PCI, etc.)
• Perform vendor risk assessments on CLEAR service providers, suppliers, business partners & other third parties using established processes
• Ensure communication & awareness of the CLEAR security risk management framework
• Document changes to policy; such as new & enhanced controls
• Support tracking procedures to support policy documentation as they are developed & maintained by technical & business owners
• Support business partner security audits & inquiries, & ensure that any findings are remediated in a timely fashion
• Respond to inquiries from staff, administrators, service providers, site personnel & outside vendors, to provide technical assistance & support
• Contribute to the aggregation & reporting of cyber risk metrics & information

Who You Are:

• 3+ years of information systems security or related auditing experience
• Familiar with risk management processes (e.g., methods for assessing & mitigating risk)
• Expertise with cybersecurity & privacy principles & security controls used to manage risks related to the use, processing, storage, & transmission of information or data
• Conversant with system & application security risks, threats & vulnerabilities
• Familiar with network security architecture concepts: including topology, protocols, components, & principles (e.g., application of defense-in-depth)
• Working knowledge of cloud, container, & network security
• Excellent oral & written communication skills in both a technical & non-technical environment
• Strong detail orientation, follow-through capabilities & escalation of key issues
• Ability to follow documented operational procedures & independently organize, prioritize & follow-up on tasks in a high-pressure environment
• CISSP, CRISC, or related certifications preferred