Events  Classes  Deals  Spaces  Jobs  SXSW 
    Sign in  
 
 
CLEAR is a cutting edge biometric tech company bringing future of travel to passengers.
 
New York City, United States    Posted: Friday, February 01, 2019
 
   
 
Apply To Job
 
 
 
JOB DETAILS
 

CLEAR transforms what is uniquely you your fingerprints, your face, your eyes into a secure, biometric key to frictionless experiences. We are creating a world where travel is effortless, where accessing your office building is as simple as walking in, & where shopping is as easy as walking in & out of a storewithout ever once showing an ID or credit card. CLEAR currently powers secure, frictionless customer experiences in nearly 40 U.S. airports & venues. With over 2 million members so far, CLEAR is the identity platform of the future, today.

We are seeking Director, Cyber Risk Management. This person will be a driven self-starter with experience in managing & mitigating IT & Cyber Risk to join CLEARs GRC team & develop 2nd line-of-defense processes, policies & tools for CLEARs Cyber Security Risk environment. Cyber Security Risk coverage areas include evaluate overall cyber & IT security risk, provide assurance over cyber & IT risk, monitor & report on risks & ensure that remediation efforts to remediate the risks are adequate.

What You Will Do:

  • Develop, enhance & maintain a robust & sustainable Cyber & IT Security Risk program
  • Partner with the VP of Cyber Security Strategy, Risk & Governance, Chief Security Officer (CSO), IT organization & business units to establish standards, policies, & develop KRIs & KPIs for measuring & monitoring cyber & IT risks on a continuous basis
  • Manage risk assessors to provide & perform independent assurance & validation activities over common cybersecurity controls that include both administrative & technical controls
  • Assess the accuracy, completeness, & sufficiency of the risk management governance framework, processes & methodologies. Identify & define emerging cyber threats & risks to CLEARs environment
  • Perform effective challenge of all critical & highly sensitive processes & controls, & business continuity
  • Develop cyber security risk scenarios to identify potential attack vectors & TTP (tactics, techniques & procedures) to guide the continuous improvement of CLEARs cyber defense posture. Lead & support selected cyber security remediation efforts, involved with strategic planning with Security Operations, Security Engineering & IT

Who You Are:

  • Have a solid foundation in information technology & information security principles. Familiar with common cybersecurity frameworks & standards such as NIST SP 800-53, CSC Top 20, ISO 27000 series, PCI-DSS, HIPAA & GDPR.
  • Possess broad & deep understanding of technical security concepts & familiarity with related technologies & infrastructure, as well as a solid conceptual knowledge of enterprise IT system operations
  • Familiar with cloud security technologies, techniques & methodologies
  • Proficient in common cybersecurity domains: data protection, access control, encryption, identify management, security operations, application security, penetration tests, endpoint security, vulnerability management, threat intelligence, risk assessment
  • Able to analyze root causes of cyber security issues & documenting remediation
  • Have a high degree of initiative, dependability & ability to work with little supervision.
  • Possess strong leadership skills with the ability to lead by influence
  • Strong written & verbal communication
  • Prior experience:
    • Previous working experience in cybersecurity operation & relevant security design knowledge
    • Previous work within Risk and/or Information Security/Cyber Security. Ideally, has worked in a 2 LOD Cyber Security Risk function
    • Previous working experience managing & directing teams of risk or security professionals
    • Bachelor and/or Masters Degree in Computer Science, Engineering or relevant technical field
    • CISSP, CISM, or CISA certifications a strong plus
    • Background in IT Risk Assessment, IT Audit, Information security management.
    • Knowledge of US IT Security regulatory requirements & environment a plus (i.e. FISMA, PCI-DSS, HIPAA, NIST cybersecurity frameworks).





 
 
 
Apply To Job
 
 
 
 
 
© 2019 GarysGuide      About   Terms   Press   Feedback