Cybersecurity Risk Analyst
Clear Secure - New York City, NY
posted 3 days ago
About the position
CLEAR is at the forefront of creating a secure, frictionless experience for our members through cutting-edge digital and biometric identification technology. As a leader in protecting identity, privacy, and security, we are committed to safeguarding our members' information across all digital platforms. We're looking for a skilled Cybersecurity Risk Analyst to join our team and play a critical role in identifying and mitigating cybersecurity risks that could impact our digital assets, operations, and reputation. In this role, you will work closely with cross-functional teams to assess and manage cyber risks, ensuring that CLEAR's security posture remains strong as we continue to innovate. Your expertise will help us stay ahead of emerging threats, maintain regulatory compliance, and protect sensitive data, while enhancing the overall security of our digital identity ecosystem.
Responsibilities
- Conduct thorough risk assessments to identify cybersecurity threats and vulnerabilities across systems, networks, and data, with a focus on protecting sensitive digital assets.
- Analyze emerging cyber threats and assess their potential impact on CLEAR's operations, reputation, and financial stability.
- Develop and implement robust risk mitigation strategies to reduce the likelihood and impact of cybersecurity incidents.
- Ensure ongoing compliance with relevant regulations such as GDPR, HIPAA, NIST, SOC2, and other industry-specific standards, maintaining the highest levels of security.
- Oversee the Third-Party Risk Management (TPRM) program, collaborating with internal stakeholders and vendors to ensure that security protocols are in place and compliance is achieved.
- Create and maintain comprehensive documentation for all risk assessments, mitigation strategies, and regulatory compliance efforts.
- Assist in the development of cybersecurity policies, standards, and procedures that reflect best practices and align with organizational goals.
Requirements
- 3+ years of experience in cybersecurity risk management or a similar role, ideally in industries requiring high levels of data privacy and protection (e.g., technology, finance, healthcare).
- Strong understanding of cybersecurity frameworks (e.g., NIST, ISO 27001) and familiarity with emerging cyber threats, attack vectors, and defense strategies.
- Excellent analytical skills, with the ability to assess complex risks and develop actionable mitigation plans.
- Hands-on experience with risk assessment methodologies, third-party vendor management, and cybersecurity audit processes.
- Strong communication and interpersonal skills, with the ability to collaborate effectively across teams and articulate complex security issues to both technical and non-technical stakeholders.
- Certification in cybersecurity (e.g., CISSP, CISM, CISA), showcasing a commitment to maintaining industry-leading expertise.
- Experience with SIEM tools, cloud security, and vulnerability management solutions to monitor, detect, and respond to cyber threats.
- Knowledge of data privacy regulations and compliance requirements, including GDPR, CCPA, HIPAA, and other relevant standards.
Benefits
- Comprehensive healthcare plans
- Family building benefits (fertility and adoption/surrogacy support)
- Flexible time off
- Free OneMedical memberships for you and your dependents
- 401(k) retirement plan with employer match
- Meals and snacks in the office
- Stipend and reimbursement programs for well-being and learning & development
