CLEARs mission is to strengthen security & create frictionless experiences for consumers. We believe you are you & by using your biometrics - your fingerprints, eyes, & face - we keep you moving. Imagine a world where you can do virtually everything you need to breeze through the airport, buy a beer at the game, check-in at the doctors office, access your office building, & more without ever pulling out your wallet or phone. Now in 60+ airports & other venues nationwide, you are your ID, credit card, ticket, reservation & more with CLEAR.
Were defining & leading an entirely new industry, obsessing over our customers, & investing in great people to lead the way. Recently named on CNBCs Disruptor 50 List & winner of the SXSW Interactive Innovation Award, we're working tirelessly to create frictionless customer experiences for our 4+ million members across the country.
The Principal Security Engineer will be responsible for developing the security architecture & all engineering aspects for Clears TSA Precheck business line. You will be responsible for reviewing & testing our new services before release, partnering closely with our infrastructure & development teams to produce innovative & secure solutions in a cloud native environment. The right person for this role has a strong drive to solve security challenges with a high degree of fidelity & the desire to implement best-in-class security measures using cutting edge technology. Additionally, the right person has a strong track record of delivering high-quality security solutions in a hyper-growth environment where priorities shift quickly.
What You Will Do:
- Coordinate with all aspects of the of the TSA Precheck project to assess, design, & implement various processes & controls of the companys core software, cloud platform, infrastructure security, & business continuity programs.
- Evaluate, design, & deploy security tools to support: vulnerability/patch management, version/change management, advanced anti-malware, network IDS/IPS, security information & event monitoring systems.
- Lead threat modeling exercises of new & continuing to evolve technologies within the environment.
- Build automated tools & infrastructure to automate incident response & vulnerability remediation.
- Create clear & concise documentation to formalize security processes, establish baselines & develop standards.
- Perform risk assessment & coordination of critical changes to our infrastructure, controls, & ensure proper implementation.
Who You Are:
- You have 10+ years of experience in security engineering with 3+ years using cloud/PaaS technologies (AWS, GCP, Azure, Kubernetes).
- Strong understanding of Software Security Architecture & Design, SDLC, CI/CD, & the ability to clearly articulate best practices for application security.
- Experience developing, implementing, & testing the effectiveness of controls to mitigate advanced attacks.
- Strong understanding of Group Policy, Jamf, firewalls, intrusion detection & prevention, endpoint security, technologies.
- Strong understanding of networks, both traditional & software defined, TCP/IP networking including routing, subnetting, VPN, packet filtering/firewalling. Experience with Palo Alto & Cisco networking solutions in a plus.
- Operational knowledge of endpoint, systems, databases, orchestration/configuration as code technologies (e.g. Ansible, Puppet, Chef, Terraform), & network security engineering best practices.
- Solid problem solving & analytical skills; able to quickly digest issues encountered & recommend an appropriate solution.
- Experience with AWS & SoA
- Experience on a red team
- Experience with PCI & FedRAMP compliance
- Experience conducting third party assessments of vendors & SaaS apps
- Experience with securing mobile devices & applications