Team Lead, Cyber Risk Management
New York City, United States
CLEAR
Make experiences effortless. See what CLEAR can do for you and for businesses.Founded in 2010, CLEAR’s mission is to create frictionless experiences. With more than 12+ million members and hundreds of partners across the world, CLEAR’s identity platform is transforming the way people live, work, and travel. Whether it’s at the airport, stadium, or right on your phone, CLEAR connects you to the things that make you, you - making everyday experiences easier, more secure, and more seamless. Since day one, CLEAR has been committed to privacy done right.
CLEAR is seeking a Team Lead for Cyber Risk Management. The right person for this role has a strong drive to solve security challenges within a rapidly expanding environment, and the desire to implement best-in-class security measures using cutting edge technology. This individual will work in Cyber Risk Management, alongside the Security Engineering and Security Operations teams, partnering heavily with infrastructure and devops teams in a cloud native environment. This individual will have solid experience in cyber & IT risk assessment, vendor risk management, information assurance and controls assessments, and IT regulatory compliance.
What You Will Do:
- Perform risk assessment and risk mitigation analyses and ensure cyber risks are appropriately managed within risk appetite tolerance and limits
- Perform technical risk assessments on CLEAR information systems using established processes
- Perform compliance assessments and security controls testing in alignment with governing frameworks (FISMA, HIPAA, PCI, SOC 2, etc.)
- Perform vendor risk assessments on CLEAR service providers, suppliers, business partners and other third parties using established processes
- Ensure communication and awareness of the CLEAR security risk management framework
- Document and assess exceptions to information security policies
- Support procedures to manage findings including evaluating the impact on CLEAR’s partners and members
- Support business partner security audits and inquiries, and ensure that any findings are remediated in a timely fashion
- Respond to inquiries from staff, administrators, service providers, site personnel and outside vendors, to provide technical assistance and support
- Contribute to the aggregation and reporting of cyber risk metrics and information
Who You Are:
- 5+ years of information systems security or related auditing experience
- Demonstrated team leadership and ability to manage cyber risk program initiatives
- Familiar with risk management processes (e.g., methods for assessing and mitigating risk)
- Expertise with cybersecurity and privacy principles and security controls used to manage risks related to the use, processing, storage, and transmission of information or data
- Conversant with system and application security risks, threats and vulnerabilities
- Familiar with network security architecture concepts: including topology, protocols, components, and principles (e.g., application of defense-in-depth)
- Working knowledge of cloud, container, and network security
- Excellent oral and written communication skills in both a technical & non-technical environment
- Strong detail orientation, follow-through capabilities and escalation of key issues
- Ability to follow documented operational procedures and independently organize, prioritize and follow-up on tasks in a high-pressure environment
- CISSP, CRISC, or related certifications preferred
#LI-Hybrid
Tags: Application security Audits CISSP Cloud Compliance CRISC DevOps FISMA HIPAA Network security Privacy Risk assessment Risk management SOC SOC 2 Vulnerabilities
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Security Analyst jobs
- Open Information Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Senior Information Security Analyst jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open IT Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cybersecurity Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Sr. Security Engineer jobs
- Open Security Researcher jobs
- Open Senior Security Architect jobs
- Open Security Operations Analyst jobs
- Open ISO 27001-related jobs
- Open Clearance-related jobs
- Open Network security-related jobs
- Open Windows-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Malware-related jobs
- Open Kubernetes-related jobs
- Open Security Clearance-related jobs
- Open CI/CD-related jobs
- Open IDS-related jobs
- Open CEH-related jobs
- Open EDR-related jobs