Events  Deals  Jobs 
    Sign in  
CLEAR // biometric identity platform
New York City, United States    Posted: Tuesday, March 16, 2021
Apply To Job

CLEAR helps create safer, easier experiences everywhere you go. We believe you are you & by using your biometrics your eyes, face, & fingerprints we keep you moving. Imagine a world where you can do virtually everything you need to breeze through the airport, buy a beer at the game, check-in at the doctors office, access your office building, & more without ever pulling out your wallet. CLEAR is currently available in 50+ airports, venues & more. Now with Health Pass, CLEAR securely connects a persons digital identity to multiple layers of COVID-related insights to help reduce public health risk & restore peace of mind.

Were defining & leading an entirely new industry, obsessing over our customers, & investing in great people to lead the way. Recently named on CNBCs Disruptor 50 List for the second year in a row & winner of the SXSW Interactive Innovation Award, CLEAR is providing innovative technology options for businesses & our 5+ million members to help create a safer environment no matter where you go.

CLEAR is seeking a Senior Compliance Analyst, FISMA. The right person for this role has a strong drive to solve security challenges within a rapidly expanding environment, & the desire to implement best-in-class security measures using cutting edge technology. This individual will work in CLEARs GRC team, partnering heavily with Infrastructure, DevOps, & Security Engineering teams in a cloud-native environment. Technology Assurance & Compliance will focus on analyzing & assessing compliance with regulatory standards, addressing business partner requests (audit response, contract review, etc.) & working with teams to brainstorm compliant solutions & remediate any outstanding compliance issues. This individual will have solid experience in cyber & IT regulatory compliance (FISMA, NIST 800-53, PCI-DSS, HIPAA, etc.), demonstrated success in working with Federal agencies & governing bodies, responding to IT or security audits & compliance attestations, & performing information assurance & compliance assessments.

What You Will Do:

  • Maintain security & establish functional requirements for security measures.
  • Coordinate with business area managers & professional staff to ensure information system security compliance. 
  • Be the focal point for interactions with Federal agency regulators & auditors
  • Work with CLEARs various Government programs & security staff to complete required Systems Security Plans (SSPs).
  • Update & maintain the documentation for certification & accreditation of each information system in accordance with government & regulatory requirements. 
  • Assess the compliance impacts of system modifications & technological advances. 
  • Keep aware of changes to regulatory requirements & industry best practices to recommend updates to information security policies.
  • Review systems in order to identify potential security weaknesses & recommend improvements to amend vulnerabilities
  • Assess remediations, changes, upgrades & documentation revisions for alignment with CLEARs business critical security frameworks
  • Participate in security control assessments & audits
  • Monitor & review updates to regulations, frameworks & contracts. (NIST 800-53, PCI-DSS, HIPAA)
  • Communicate updates to technology & business owners
  • Document changes to policy; such as new & enhanced controls
  • Respond to business partner security inquiries & audits & ensure that any findings are remediated in a timely fashion
  • Participate in the selection of information security solutions
  • Respond to inquiries from staff, administrators, service providers, site personnel & outside vendors, to provide technical assistance & support

Who You Are:

  • 3+ years of information systems security or related auditing experience
  • Experience with information systems security standards & practices (NIST 800-53, PCI-DSS, HIPAA, etc.)
  • Familiar with Federal ATO process & able to produce appropriate documentation & evidence (CDRs, SSPs, etc.)
  • Able to balance business priorities/initiatives with sound risk management
  • Familiar with risk management processes (e.g., methods for assessing & mitigating risk)
  • Expertise with cybersecurity & privacy principles & controls used to manage risks related to the use, processing, storage, & transmission of information or data
  • Conversant with system & application security risks, threats & vulnerabilities
  • Familiar with network security architecture concepts: including topology, protocols, components, & principles (e.g., application of defense-in-depth)
  • Because of the constant developing nature of information systems & cyber attacks, you must be committed to continuous learning & system knowledge.
  • Working knowledge of cloud, container, & network security
  • Excellent oral & written communication skills in both a technical & non-technical environment
  • Strong problem-solving skills, detail orientation, follow-through capabilities & escalation of key issues
  • Ability to work with diverse personalities within various levels of the organization
  • Ability to manage multiple issues at one time
  • Ability to independently organize, prioritize & follow-up on tasks in a high-pressure environment
  • Can work effectively in a dynamic environment where shifting priorities frequently alter work plans
  • Established security certifications such as CISSP, CRISC, etc. preferred
Apply To Job
© 2021 GarysGuide      About    Feedback    Press    Terms