CLEAR helps create safer, easier experiences everywhere you go. We believe you are you & by using your biometrics your eyes, face, & fingerprints we keep you moving. Imagine a world where you can do virtually everything you need to breeze through the airport, buy a beer at the game, check-in at the doctors office, access your office building, & more without ever pulling out your wallet. CLEAR is currently available in 50+ airports, venues & more. Now with Health Pass, CLEAR securely connects a persons digital identity to multiple layers of COVID-related insights to help reduce public health risk & restore peace of mind.
Were defining & leading an entirely new industry, obsessing over our customers, & investing in great people to lead the way. Recently named on CNBCs Disruptor 50 List for the third year in a row & winner of the SXSW Interactive Innovation Award, CLEAR is providing frictionless experiences & technology for our partners & 7+ million members.
CLEAR is seeking a Senior Analyst, FISMA Compliance. The right person for this role has a strong drive to solve security challenges within a rapidly expanding industry & the desire to work in a complex technology environment. This individual will work in CLEARs Information Security team, partnering heavily with Infrastructure & Security Engineering teams to analyze requirements from the Transportation Safety Administration (TSA), prepare for compliance efforts, & assess compliance with regulatory standards. This individual will have solid experience in cyber & IT regulatory compliance (FISMA, NIST 800-53, PCI-DSS, HIPAA, etc.), demonstrated success in working with Federal agencies & governing bodies, responding to IT or security audits & compliance attestations, & performing information assurance & compliance assessments.
What You Will Do:
- Partner with Security Engineering & Technology to operationalize functional requirements for security compliance.
- Coordinate with CLEAR stakeholders to ensure FISMA compliance.
- Support & enable our continued partnership with the TSa.
- Work with CLEARs key stakeholders to maintain Systems Security Plans (SSPs).
- Routinely monitor & provide assurance on required control assessments & audits.
- Update & maintain the documentation for Plan of Action & Milestones (POAM).
- Document changes to policy; such as new & enhanced controls
- Respond to security inquiries & audits
- Participate in the selection of information security solutions
Who You Are:
- Conversant with system & application security risks, threats & vulnerabilities
- Familiar with risk management processes
- Familiar with the ATO process & documentation including SSPs, & POAMs
- Knowledge of cloud based technologies, container, & network security
- Expertise with cybersecurity & privacy principles & controls used to manage risks related to the use, processing, storage, & transmission of information or data
- Experience with the NIST 800-53 security standards & controls
- 5+ years of information systems security or related auditing experience
- Established security certifications, CISSP or CISM preferred
- Ability to independently operate in high-pressure & dynamic environment