Let’s get started
By clicking ‘Next’, I agree to the Terms of Service
and Privacy Policy
Jobs / Job page
Senior Security Engineer image - Rise Careers
Job details

Senior Security Engineer

SMARTAPPLY 🪄

We’re looking for a Security Engineer to help us secure the next generation of products that will go beyond just ID and enable our members to leverage the power of a networked digital identity. As a Security Engineer at CLEAR, you will participate in enhancing the security and compliance of our products throughout the product lifecycle from design, to implementation, testing, and deployment. We expect you to participate in building our platform - one that interconnects dozens of attributes and qualifications while keeping member privacy and security at the core. 

A brief highlight of our tech stack:

  • Java / Javascript / React / Typescript / Python / Postgres
  • AWS cloud

What you'll do:

  • Work side by side with engineering and product resources to define security and compliance requirements for new features and services
  • Build threat models, testing plans, and validation strategies to ensure a high secure bar for the system
  • Review code, infrastructure, and architecture for common security flaws, as well as bespoke, business logic flaws
  • Manage penetration tests of critical features
  • Assist in managing audits and compliance requirements on an ongoing basis
  • Bridge and facilitate communication between engineering teams and other parts of the Security organization

What you're great at:

  • 4+ years of experience working as a security engineer
  • You understand how to analyze a system and look for potential threats at every stage of the SDLC. You have experience with system design reviews, threat modeling, and common vulnerabilities in Web and Mobile applications
  • Hands-on experience with cloud-based architectures, especially those built on AWS, Kubernetes, and Docker
  • Solid understanding of networking and operating systems
  • You can write scripts, and you are proficient in one (or more) of the following languages: Java, Javascript, Python
  • You have excellent analytical skills, strong organizational and project management skills, and the ability to prioritize and manage multiple tasks and deadlines.
  • You are a strong communicator who can explain security concepts to a variety of audiences and levels, as well as work collaboratively across technical and non-technical teams
  • You are comfortable with high levels of autonomy and delivering on complex goals
  • You have experience with regulatory and compliance frameworks like NIST 800-53, PCI DSS, and FedRAMP, as well as Identity and Authenticator Assurance Levels like IAL2 and AAL2

How You'll be Rewarded:

At CLEAR we help YOU move forward - because when you’re at your best, we’re at our best. You’ll work with talented team members who are motivated by our mission of making experiences safer and easier. Our hybrid work environment provides flexibility. In our offices, you’ll enjoy benefits like meals and snacks. We invest in your well-being and learning & development with our stipend and reimbursement programs. 

We offer holistic total rewards, including comprehensive healthcare plans, family building benefits (fertility and adoption/surrogacy support), flexible time off, free OneMedical memberships for you and your dependents, and a 401(k) retirement plan with employer match. The base salary range for this role is $175,000 - $215,000, depending on levels of skills and experience.

The base salary range represents the low and high end of CLEAR’s salary range for this position. Salaries will vary depending on various factors which include, but are not limited to location, education, skills, experience and performance. The range listed is just one component of CLEAR’s total compensation package for employees and other rewards may include annual bonuses, commission, Restricted Stock Units

About CLEAR

Have you ever had that green-light feeling? When you hit every green light and the day just feels like magic. CLEAR's mission is to create frictionless experiences where every day has that feeling. With more than 25+ million passionate members and hundreds of partners around the world, CLEAR’s identity platform is transforming the way people live, work, and travel. Whether it’s at the airport, stadium, or right on your phone, CLEAR connects you to the things that make you, you - unlocking easier, more secure, and more seamless experiences - making them all feel like magic.

CLEAR provides reasonable accommodation to qualified individuals with disabilities or protected needs. Please let us know if you require a reasonable accommodation to apply for a job or perform your job. Examples of reasonable accommodation include, but are not limited to, time off, extra breaks, making a change to the application process or work procedures, policy exceptions, providing documents in an alternative format, live captioning or using a sign language interpreter, or using specialized equipment.

#LI-Hybrid #LI-Onsite

Average salary estimate

$195000 / YEARLY (est.)
min
max
$175000K
$215000K

If an employer mentions a salary or salary range on their job, we display it as an "Employer Estimate". If a job has no salary data, Rise displays an estimate if available.

What You Should Know About Senior Security Engineer, CLEAR - Corporate

If you're a seasoned security pro looking to make a real impact, the role of Senior Security Engineer at CLEAR in New York, New York, could be your perfect fit! At CLEAR, we're on a mission to transform identity verification and create frictionless experiences for millions of users. As a Senior Security Engineer, you’ll be at the core of this mission, helping us to secure cutting-edge digital identity products that go beyond simple identification. In this role, you'll work closely with engineering and product teams, defining crucial security and compliance requirements for new features and services. You'll have the opportunity to build threat models, develop testing plans, and review code for security vulnerabilities, all while ensuring the privacy of our members remains a top priority. With your expertise in AWS, cloud-based architectures, and a solid understanding of common vulnerabilities in both web and mobile applications, you'll play a key role in our success. Plus, we offer a hybrid work environment, comprehensive benefits, and a competitive salary package to ensure you're well taken care of. So if you're ready to join a passionate team dedicated to making experiences safer and easier, we want to hear from you!

Frequently Asked Questions (FAQs) for Senior Security Engineer Role at CLEAR - Corporate
What qualifications do I need to apply for the Senior Security Engineer position at CLEAR?

To apply for the Senior Security Engineer role at CLEAR, candidates should possess at least 4 years of experience in security engineering. A solid understanding of the system development lifecycle (SDLC), threat modeling, and common security vulnerabilities in both web and mobile applications is essential. Additionally, hands-on experience with cloud architectures, especially AWS, Kubernetes, and Docker, is crucial for success in this role.

Join Rise to see the full answer
What does the Senior Security Engineer role at CLEAR involve?

The Senior Security Engineer at CLEAR is responsible for enhancing security and compliance throughout the product lifecycle. This includes working alongside engineering teams to define security requirements, building threat models, reviewing code for vulnerabilities, managing penetration tests, and facilitating audits and compliance requirements. This multifaceted position ensures that security is integrated into each step of the development process.

Join Rise to see the full answer
How does CLEAR support professional development for Senior Security Engineers?

At CLEAR, we believe in investing in our employees' growth. As a Senior Security Engineer, you’ll have access to learning and development stipend programs, reimbursement for courses, and opportunities to enhance your skills. We encourage continuous learning so that you can stay ahead in the fast-evolving world of security engineering.

Join Rise to see the full answer
What is the salary range for the Senior Security Engineer role at CLEAR?

The base salary range for the Senior Security Engineer position at CLEAR is between $175,000 and $215,000, depending on skills and experience. This range is just a part of our holistic compensation package, which also includes comprehensive healthcare plans, family building benefits, and a 401(k) plan with employer match.

Join Rise to see the full answer
What technologies will I work with as a Senior Security Engineer at CLEAR?

In the role of Senior Security Engineer at CLEAR, you’ll find yourself working with a dynamic tech stack that includes Java, JavaScript, React, TypeScript, Python, and PostgreSQL. You'll also be leveraging cloud services, primarily on AWS, and ensuring security practices extend throughout our critical applications and systems.

Join Rise to see the full answer
What qualities are essential for a Senior Security Engineer at CLEAR?

A successful Senior Security Engineer at CLEAR must possess excellent analytical skills and a thorough understanding of security frameworks like NIST 800-53, PCI DSS, and FedRAMP. Strong communication skills are essential for explaining security concepts to both technical and non-technical audiences. The ideal candidate will also demonstrate project management abilities and a collaborative spirit.

Join Rise to see the full answer
What is the team culture like at CLEAR for a Senior Security Engineer?

CLEAR fosters a collaborative and innovative culture where security engineers work closely with engineering teams across various departments. We value open communication, teamwork, and autonomy, making it essential for the Senior Security Engineer to contribute to a positive environment while driving security initiatives.

Join Rise to see the full answer
Common Interview Questions for Senior Security Engineer
How do you approach threat modeling in your previous projects?

When discussing your approach to threat modeling during the interview, it's important to emphasize your systematic method. Talk about how you identify assets, evaluate threats, and consider vulnerabilities within the context of your previous projects. Highlight specific techniques you use, such as attack trees, and how implementing these strategies enhances the overall security posture of the applications.

Join Rise to see the full answer
Can you explain a time when you found a critical security flaw during a code review?

Share a specific experience where you identified a significant security vulnerability during a code review. Describe the nature of the flaw, the impact it could have had, and how you communicated this to the development team. Highlight your problem-solving skills by explaining how you recommended a fix and ensured it was implemented effectively.

Join Rise to see the full answer
What experience do you have with compliance frameworks like NIST 800-53 and PCI DSS?

During your interview, discuss your familiarity with regulatory and compliance frameworks, focusing on how you've applied these standards in your previous roles. Prepare to explain specific compliance projects you've led or contributed to, detailing how you ensured adherence to these frameworks and how it positively affected the organization.

Join Rise to see the full answer
How would you prioritize security tasks in a fast-paced development environment?

When addressing this question, emphasize your organizational and project management skills. Talk about how you assess the risk associated with various security tasks, focusing on the potential impact and likelihood of incidents. Highlight your ability to work with cross-functional teams to ensure that critical security measures are addressed without hindering the development process.

Join Rise to see the full answer
Describe your experience with cloud security and AWS specifically.

Provide detailed insights into your experience with cloud security, emphasizing your hands-on work with AWS. Discuss specific AWS services you've used, such as IAM for access control, and how you ensure that workloads deployed in the cloud meet security best practices. Mention any challenges you've faced and how you've overcome them.

Join Rise to see the full answer
What strategies do you employ for continuous security improvement?

Illustrate your commitment to continuous improvement in security practices. Talk about methodologies like regular security assessments, employee training on security awareness, and engagement with the latest security research and developments. Emphasize how you keep abreast of new threats and incorporate lessons learned from past incidents into organizational security practices.

Join Rise to see the full answer
How do you communicate security concepts to non-technical stakeholders?

When answering this question, stress the importance of adapting your communication style to your audience. Explain how you simplify technical jargon, use analogies, and leverage visual aids to convey security concepts effectively. Sharing an example from your experience where you successfully educated non-technical stakeholders will bolster your response.

Join Rise to see the full answer
In your opinion, what emerging security threats should organizations be aware of?

To effectively respond, prepare to discuss recent trends in cyber threats, such as increased ransomware attacks, third-party supply chain vulnerabilities, or developments in artificial intelligence affecting security. Explain how organizations can strategize and prepare against these threats, referencing both technological measures and employee training.

Join Rise to see the full answer
What tools do you prefer for conducting penetration tests, and why?

In your answer, mention specific penetration testing tools you're skilled in, such as Metasploit, Burp Suite, or OWASP ZAP. Discuss why you prefer these tools, focusing on their effectiveness, ease of use, and the features that make them suitable for your testing needs. Highlight any experiences where these tools led to significant findings.

Join Rise to see the full answer
Can you discuss your experience with incident response and mitigation strategies?

Reflect on a past incident where you played a direct role in security incident response. Describe your methodology in identifying the breach, containing the damage, and restoring normal operations. Highlight your focus on improving incident response plans based on lessons learned, ensuring a robust approach for future incidents.

Join Rise to see the full answer
Similar Jobs
Photo of the Rise User
CLEAR - Corporate Remote New York, New York, United States (Hybrid)
VIEW
Posted 12 days ago
Photo of the Rise User
CLEAR - Corporate Remote New York, New York, United States
VIEW
Posted 12 days ago
E
Evidence Action Remote No location specified
VIEW
Posted 10 days ago
Photo of the Rise User
Bosch Group Remote Av. Robert Bosch - Parque Via Norte, Campinas - SP, 13064-765, Brasil
VIEW
Posted 2 days ago
Photo of the Rise User
Kepler Communications Hybrid Sterling, Virginia
VIEW
Posted 3 days ago
Photo of the Rise User
webook.com Remote No location specified
VIEW
Posted yesterday
Photo of the Rise User
BC Tech Pro Hybrid Bradenton, FL, USA
VIEW
Posted 8 days ago
W
Weisiger Group Hybrid No location specified
VIEW
Posted 6 days ago
S
SDI Presence Hybrid No location specified
VIEW
Posted 5 days ago
C
CampusWorks, Inc. Hybrid Canton, NY
VIEW
Posted 11 days ago
SMARTAPPLY 🪄
Photo of the Rise User By CLEAR - Corporate

Founded in 2010, CLEAR offers a biometric scanning product designed for airport security. The company is headquartered in New York City, New York.

27 jobs
MATCH
VIEW MATCH
FUNDING
DEPARTMENTS
SENIORITY LEVEL REQUIREMENT
INDUSTRY
TEAM SIZE
LOCATION
SALARY RANGE
$175,000/yr - $215,000/yr
EMPLOYMENT TYPE
Full-time, hybrid
DATE POSTED
November 24, 2024

Subscribe to Rise newsletter

Risa star 🔮 Hi, I'm Risa! Your AI
Career Copilot
Want to see a list of jobs tailored to
you, just ask me below!
Show me relevant jobs ASK RISA ✨
ABOUT FINDNYCJOBS
FOR COMPANIES
REMOTE JOBS & MORE
LOOKING FOR A JOB?
FIND A JOB NEAR ME
POPULAR JOBS
Rise logo FindNycJobs logo
Privacy Policy and Terms of Service
© 2024 Rise Tech Inc. All rights reserved.
Proudly made in NYC.
CONNECT
Facebook Instagram LinkedIn Tiktok