Events  Deals  Jobs 
    Sign in  
 
 
CLEAR // biometric identity platform
 
New York City, United States    Posted: Monday, May 23, 2022
 
   
 
Apply To Job
 
 
JOB DETAILS
 

Founded in 2010, CLEARs mission is to create frictionless experiences. With more than 10 million members & hundreds of partners across the world, CLEARs identity platform is transforming the way people live, work, & travel. Whether its at the airport, stadium, or right on your phone, CLEAR connects you to the things that make you, you - making everyday experiences easier, more secure, & more seamless. Since day one, CLEAR has been committed to privacy done right. Members are always in control of their own information, & we never sell member data.

CLEAR is seeking an Security Risk Analyst. The right person for this role has a strong drive to identify, assess, & mitigate information security risks, solve security challenges within a rapidly evolving landscape, & implement best-in-class security measures while also achieving business objectives. This individual will work in the Cyber Risk Management team & partner heavily with all business & technology teams, as well as collaborate closely with other CLEAR Security teams (e.g., Architecture, Engineering, Operations, Brand Protection, Business Continuity, Compliance, etc.). This individual will have demonstrated experience in third-party & supply chain risk management, cybersecurity & technology risk management, & secondary experience in information assurance & regulatory compliance.


What You Will Do:

  • Perform risk assessments & due diligence on existing & prospective CLEAR service providers, suppliers, business partners, & other third parties using established tools & processes
  • Coordinate risk treatment plans with prospective third-parties & internal stakeholders
  • Contribute to internal-facing security risk assessment & mitigation analyses, & ensure security risks are appropriately managed within risk tolerance
  • Develop, maintain, & communicate effective management & executive-level risk metrics & insights
  • Implement Supply Chain Risk Management (SCRM) controls
  • Ensure continued awareness of & compliance with security risk management processes across CLEAR
  • Collaborate with Security Architecture, Product Security, Compliance, Finance, Legal, & other stakeholders to ensure the timely identification & implementation of adequate security controls & other risk mitigations
  • Consult with business & technology stakeholders on vendor evaluation & selection projects (e.g., RFIs/RFPs)
  • Partner with CLEAR Threat Intelligence, Insider Threat, & other teams on various cross-functional Security initiatives
  • Maintain third-party risk policies & procedures
  • Contribute to the continuous evolution & improvement of the Security Risk & Assurance team & adjacent functions (e.g., tooling, continuous monitoring, automation, etc.)

Who You Are:

  • 1+ years of information security or technical IT auditing experience
  • Experience with risk management processes (e.g., methods for identifying, assessing, & mitigating security risks), cybersecurity & privacy principles, & supporting controls used to manage risks
  • Familiar with application, infrastructure, & data security risks, threats, & vulnerabilities
  • Familiar with network security architecture concepts: including topology, protocols, components, & principles (e.g., defense-in-depth strategies)
  • Conversant in cloud computing (XaaS) technologies & agile development concepts, tools, & vendors
  • Ability to effectively communicate with both technical & non-technical audiences
  • Ability to follow documented operational procedures & independently organize, prioritize, & follow-up on tasks in a high-pressure environment
  • Experience working within regulated environments is a plus (e.g., SOX, FISMA, HIPAA, PCI DSS, etc.)

#LI-Hybrid

 
 
 
Apply To Job
 
 
 
 
 
© 2022 GarysGuide      About    Feedback    Press    Terms