Incident Response Analyst at CLEAR
CLEAR helps create safer, easier experiences everywhere you go. We believe you are you and by using your biometrics – your eyes, face, and fingerprints – we keep you moving. Imagine a world where you can do virtually everything you need to – breeze through the airport, buy a beer at the game, check in at the doctor’s office, access your office building, and more – without ever pulling out your wallet. CLEAR is currently available in 50+ airports, venues and more. Now with Health Pass, CLEAR securely connects a person’s digital identity to multiple layers of COVID-related insights to help reduce public health risk and restore peace of mind.
We’re defining and leading an entirely new industry, obsessing over our customers, and investing in great people to lead the way. Recently named on CNBC’s Disruptor 50 List for the second year in a row and winner of the SXSW Interactive Innovation Award, CLEAR is providing innovative technology options for businesses and our 5+ million members to help create a safer environment no matter where you go.
We are looking for an Incident Response Analyst to join our team. The ideal candidate has a strong drive to solve security challenges and the desire to implement best-in-class security measures using cutting-edge technology.
What You Will Do:
- Investigate, analyze, contain, and report IT security incidents in accordance with the incident response plan.
- Be a part of the incident response on-call rotation, which may include weekends and holidays.
- Create documentation and contribute to process build out for incident response.
- Help enhance and mature incident response practices.
- Work with and assist employees with security questions or escalations.
- Perform network/system investigations, which may include live response, disk, and memory forensics.
- Learn and cross train in all CLEAR technologies.
- Conduct internal and external security audits.
- Recommend and install appropriate tools and countermeasures.
- Define, implement and maintain corporate security policies.
- Work with key business leaders to help identify critical assets and their protection.
Who You Are:
- Strong understanding of AWS cloud infrastructure and security best practices. Knowledge should include understanding of cloud security groups, ACLs and NAT gateways.
- Familiarity with cloud monitoring tools such as GuardDuty.
- Experience in using an enterprise SIEM.
- Experience running security investigations, including gathering evidence/artifacts, system forensics, reviewing threat intelligence tools, reviewing log files, and incident report writing.
- Experience in network traffic and protocol analysis.
- Strong understanding of network and server infrastructure including firewalls, load balancers, WAFs, EC2 instances, S3 buckets, servers, Kubernetes, and Docker.
- Experience with scripting and automation for use in a SOAR is a plus.
- Familiarity with a variety of operating systems such as Linux, Windows and macOS.
- Strong interest in emerging technology.
- Highly analytical with a high attention to detail.