Events  Classes  Jobs 
    Sign in  
 
 
CLEAR // biometric identity platform
 
Engineering, Full Time    New York City, United States    Posted: Friday, April 03, 2020
 
   
 
Apply To Job
 
 
JOB DETAILS
 

CLEARs mission is to strengthen security & create frictionless experiences for consumers. We believe you are you & by using your biometrics - your fingerprints, eyes, & face - we keep you moving. Imagine a world where you can do virtually everything you need to breeze through the airport, buy a beer at the game, check-in at the doctors office, access your office building, & more without ever pulling out your wallet or phone. Now in 60+ airports & other venues nationwide, you are your ID, credit card, ticket, reservation & more with CLEAR.

Were defining & leading an entirely new industry, obsessing over our customers, & investing in great people to lead the way. Recently named on CNBCs Disruptor 50 List & winner of the SXSW Interactive Innovation Award, we're working tirelessly to create frictionless customer experiences for our 4+ million members across the country.

The Principal Security Engineer will be responsible for developing the security architecture & all engineering aspects for Clears TSA Precheck business line. You will be responsible for reviewing & testing our new services before release, partnering closely with our infrastructure & development teams to produce innovative & secure solutions in a cloud native environment. The right person for this role has a strong drive to solve security challenges with a high degree of fidelity & the desire to implement best-in-class security measures using cutting edge technology. Additionally, the right person has a strong track record of delivering high-quality security solutions in a hyper-growth environment where priorities shift quickly.


What You Will Do:

  • Coordinate with all aspects of the of the TSA Precheck project to assess, design, & implement various processes & controls of the companys core software, cloud platform, infrastructure security, & business continuity programs.
  • Evaluate, design, & deploy security tools to support: vulnerability/patch management, version/change management, advanced anti-malware, network IDS/IPS, security information & event monitoring systems.
  • Lead threat modeling exercises of new & continuing to evolve technologies within the environment.
  • Build automated tools & infrastructure to automate incident response & vulnerability remediation.
  • Create clear & concise documentation to formalize security processes, establish baselines & develop standards.
  • Perform risk assessment & coordination of critical changes to our infrastructure, controls, & ensure proper implementation.

Who You Are:

  • You have 10+ years of experience in security engineering with 3+ years using cloud/PaaS technologies (AWS, GCP, Azure, Kubernetes).
  • Strong understanding of Software Security Architecture & Design, SDLC, CI/CD, & the ability to clearly articulate best practices for application security.
  • Experience writing in one or more of the following programming languages: C/C++, Java, Ruby, Python, & JavaScript.
  • Experience developing, implementing, & testing the effectiveness of controls to mitigate advanced attacks.
  • Strong understanding of Group Policy, Jamf, firewalls, intrusion detection & prevention, endpoint security, technologies.
  • Strong understanding of networks, both traditional & software defined, TCP/IP networking including routing, subnetting, VPN, packet filtering/firewalling. Experience with Palo Alto & Cisco networking solutions in a plus.
  • Operational knowledge of endpoint, systems, databases, orchestration/configuration as code technologies (e.g. Ansible, Puppet, Chef, Terraform), & network security engineering best practices.
  • Solid problem solving & analytical skills; able to quickly digest issues encountered & recommend an appropriate solution.

Pluses:

  • Experience with AWS & SoA
  • Experience on a red team
  • Experience with PCI & FedRAMP compliance
  • Experience conducting third party assessments of vendors & SaaS apps
  • Experience with securing mobile devices & applications
 
 
 
Apply To Job
 
 
 
 
 
© 2020 GarysGuide      Terms