Team Lead, Technology Assurance & Compliance

New York City, United States

Applications have closed

CLEAR

Make experiences effortless. See what CLEAR can do for you and for businesses.

Founded in 2010, CLEAR’s mission is to create frictionless experiences. With 12+ million members and hundreds of partners across the world, CLEAR’s identity platform is transforming the way people live, work, and travel. Whether it’s at the airport, stadium, or right on your phone, CLEAR connects you to the things that make you, you - making everyday experiences easier, more secure, and more seamless. Since day one, CLEAR has been committed to privacy done right.

CLEAR is seeking a Team Lead of Technology Assurance & Compliance. The right person for this role has a strong drive to solve security challenges within a rapidly expanding environment, and the desire to implement best-in-class security measures using cutting-edge technology. This individual will work in CLEAR’s GRC team, partnering heavily with Infrastructure, DevOps, and Security Engineering teams in a cloud-native environment. Technology Assurance & Compliance will focus on interfacing with key external regulators and business partners (audit response, contract review, etc.), managing internal regulatory standard compliance efforts, and working with teams to brainstorm compliant solutions and remediate any outstanding compliance issues. This individual will have solid experience in cyber & IT regulatory compliance (FISMA, NIST 800-53, PCI-DSS, HIPAA, etc.), demonstrated success in working with Federal agencies and governing bodies, responding to IT or security audits and compliance attestations, and performing information assurance and compliance assessments.

What You Will Do:

  • Coordinate with internal and external stakeholder staff to ensure system security compliance
  • Identify, initialize and maintain certification and accreditation initiatives for information systems
  • Monitor and assess changes to regulations, frameworks and customer contracts
  • Lead staff to maintain required Systems Security Plans (SSPs) for CLEAR’s government programs
  • Develop and maintain the lifecycle of security policies and manage requests for policy exceptions
  • Manage the findings management process to ensure efficient and effective remediation
  • Enable and support customer inquiries relating to the effectiveness of CLEAR’s security program

Who You Are:

  • 7+ years of information systems security or related auditing experience
  • Experience with information security standards (NIST 800-53, PCI-DSS, HIPAA, etc.)
  • Familiar with Federal ATO process and able to support Security Control Assessments 
  • Familiar with risk management processes (e.g., methods for assessing and mitigating risk)
  • Able to balance business priorities/initiatives with sound risk management
  • Expertise with data protection principles for managing risks related to data sharing
  • Conversant with system and application security risks, threats and vulnerabilities
  • Familiar with network and cloud security architecture concepts
  • Able to understand and structure problem solving for issues related to systems and the organization
  • Understand advanced concepts and issues related to cyber security and its organizational impact
  • Committed to continuous learning and system knowledge
  • Excellent oral and written communication skills in both a technical & non-technical environment
  • Highly analytical and effectively able to diagnose and prioritize needs and requirements 
  • Strong problem-solving skills, detail orientation, and capability to escalate and resolve issues
  • Ability to work with diverse personalities within various levels of the organization
  • Ability to manage multiple issues at one time
  • Strong ability to analyze and communicate complex technical topics to all levels of CLEAR
  • Ability to communicate effectively in verbal and written form
  • Ability to independently organize, prioritize and follow-up on tasks in a high-pressure environment
  • Can work effectively in a dynamic environment where shifting priorities frequently alter work plans
  • Established security certifications such as CISSP, CRISC, etc. preferred

#LI-Hybrid

Tags: Application security Audits CISSP Cloud Compliance CRISC DevOps FISMA HIPAA NIST Privacy Risk management System Security Plan Vulnerabilities

Region: North America
Country: United States