CLEAR’s mission is to strengthen security and create frictionless experiences for consumers. We believe you are you and by using your biometrics - your fingerprints, eyes, and face - we keep you moving. Imagine a world where you can do virtually everything you need to – breeze through the airport, buy a beer at the game, check-in at the doctor’s office, access your office building, and more – without ever pulling out your wallet or phone. Now in 60+ airports and other venues nationwide, you are your ID, credit card, ticket, reservation and more with CLEAR.

We’re defining and leading an entirely new industry, obsessing over our customers, and investing in great people to lead the way. Recently named on CNBC’s Disruptor 50 List and winner of the SXSW Interactive Innovation Award, we're working tirelessly to create frictionless customer experiences for our 4+ million members across the country.

The Principal Security Engineer will be responsible for developing the security architecture and all engineering aspects for Clear’s TSA Precheck business line. You will be responsible for reviewing and testing our new services before release, partnering closely with our infrastructure and development teams to produce innovative and secure solutions in a cloud native environment. The right person for this role has a strong drive to solve security challenges with a high degree of fidelity and the desire to implement best-in-class security measures using cutting edge technology. Additionally, the right person has a strong track record of delivering high-quality security solutions in a hyper-growth environment where priorities shift quickly.

What You Will Do:

• Coordinate with all aspects of the of the TSA Precheck project to assess, design, and implement various processes and controls of the company’s core software, cloud platform, infrastructure security, and business continuity programs.
• Evaluate, design, and deploy security tools to support: vulnerability/patch management, version/change management, advanced anti-malware, network IDS/IPS, security information and event monitoring systems.
• Lead threat modeling exercises of new and continuing to evolve technologies within the environment. 
• Build automated tools and infrastructure to automate incident response and vulnerability remediation.
• Create clear and concise documentation to formalize security processes, establish baselines and develop standards.
• Perform risk assessment and coordination of critical changes to our infrastructure, controls, and ensure proper implementation.

Who You Are:

• You have 10+ years of experience in security engineering with 3+ years using cloud/PaaS technologies (AWS, GCP, Azure, Kubernetes).
• Strong understanding of Software Security Architecture and Design, SDLC, CI/CD, and the ability to clearly articulate best practices for application security.
• Experience writing in one or more of the following programming languages: C/C++, Java, Ruby, Python, and JavaScript.
• Experience developing, implementing, and testing the effectiveness of controls to mitigate advanced attacks.
• Strong understanding of Group Policy, Jamf, firewalls, intrusion detection and prevention, endpoint security, technologies.
• Strong understanding of networks, both traditional and software defined, TCP/IP networking including routing, subnetting, VPN, packet filtering/firewalling. Experience with Palo Alto and Cisco networking solutions in a plus.
• Operational knowledge of endpoint, systems, databases, orchestration/configuration as code technologies (e.g. Ansible, Puppet, Chef, Terraform), and network security engineering best practices.
• Solid problem solving and analytical skills; able to quickly digest issues encountered and recommend an appropriate solution.

Pluses:

• Experience with AWS and SoA
• Experience on a red team
• Experience with PCI and FedRAMP compliance
• Experience conducting third party assessments of vendors and SaaS apps
• Experience with securing mobile devices and applications