CLEAR makes life easier and more secure by using biometrics – your fingerprints, eyes and face – to confirm that you are you, and keep you moving. Imagine a world where you can do virtually everything you need to – breeze through the airport, buy a beer at the game, check-in at the doctor’s office, access your office building, and more – without ever pulling out your wallet or phone. Now in 45+ airports and other venues nationwide, you are your ID, credit card, ticket, reservation and more with CLEAR.

We’re defining and leading an entirely new industry, moving quickly with data-informed decisions, obsessing over our customers, and investing in great people to lead the way. Recently named on CNBC’s Disruptor 50 List and winner of the SXSW Interactive Innovation Award, we’re working tirelessly to create frictionless customer experiences for our 3+ million members across the country.

We are looking for a Senior Security Analyst to join our Incident Response team. The ideal candidate has a strong drive to solve security challenges and the desire to implement best-in-class security measures using cutting edge technology. The right person for this role has a proven track record of delivering high-quality security solutions in a scaling environment.

What you will do:

• Conduct technical cyber and physical security investigations
• Create and support investigative and forensic documentation
• Develop detection logic for malicious indicators and behaviors in our SIEM
• Perform forensic analysis with EDR tools and disk imaging software
• Operationalize the detection of attacker TTPs
• Develop, curate, integrate and operationalize Threat Intelligence Feeds
• Represent CLEAR in threat intelligence information sharing programs
• Perform network, endpoint, and identity log analysis across multiple environments to detect compromised identities and machine.
• Work with investigation playbooks in our SOAR appliance (Python scripting)
• Participate in attacker simulation exercises (Red Team)

Who you are:

• 4+ years experience in Security Operations Center (SOC) or similar investigation centers
• 2+ years of Incident Response experience in a corporate enterprise
• Deep experience with programming or scripting in Python or Bash
• Experience in large, geographically diverse enterprise networks
• Ability to think proactively with a security mindset.
• Hands-on experience with forensics tools and techniques, on Macbooks and Windows machines
• Extensive knowledge of security tools which perform functions such as intrusion detection and prevention (IDS/IPS), vulnerability scanning, software deployment, and log archiving. A wide range of experience in these tools, from hands-on configuration and operation, to high level design and architecture is preferred.
• Experience performing investigations in AWS cloud environments.
• Ability to present highly technical information to non-technical audiences.