Security Analyst, Systems Assurance and Compliance
New York, New York, United States (Hybrid)
CLEAR
CLEAR’s identity verification platform makes experiences safer and easier—both physically and digitally. Skip long lines with CLEAR in airports and more.

CLEAR is seeking a Systems Assurance and Compliance Analyst to join our growing team! This is an individual contributor role reporting to our Manager of Systems Assurance and Compliance. This is an exciting opportunity to join a dynamic global organization and to play a key role in shaping the future of our Governance, Risk and Compliance (GRC) function.
The Systems Assurance and Compliance Analyst should have a strong drive to identify, assess, advise, and mitigate information security risks, solve security challenges within a rapidly evolving landscape, and implement best-in-class security measures while also achieving business objectives. This individual will have solid experience in security and IT regulatory compliance, demonstrated success in working with regulatory and governing bodies, responding to IT or security audits and compliance attestations, maintaining policies, and performing assurance and compliance assessments. You will also develop and foster key relationships with senior management in technology, internal and external auditors, as well as other business areas.
What You Will Do:
- Maintain a deep understanding of industry-standard security frameworks (NIST 800-53, PCI-DSS, HIPAA, SOC 2) and regulatory requirements.
- Lead internal and external security audits and assessments to ensure compliance.
- Collaborate with stakeholders to implement and maintain effective security controls, compliance and risk mitigation strategies.
- Stay current on emerging threats and vulnerabilities, and implement appropriate security measures.
- Develop and maintain comprehensive security documentation, including certification and accreditation materials.
- Respond to security inquiries and audits from business partners, ensuring timely remediation of identified issues.
- Analyze and assess the security impact of system modifications and technological advancements.
- Provide security expertise and guidance to teams across the organization.
- Collaborate with Security Architecture, Product Security, Finance, Legal, and other relevant stakeholders to identify and assess security risks, implement appropriate security controls, mitigate identified risks in a timely manner, and ensure compliance.
What you're great at:
- 3+ years of controls assessment, validation, or implementation experience. Experience with Big 4 Accounting is a plus
- Experience with information systems security standards and practices (NIST 800-53, PCI-DSS, HIPAA, SOC 2, etc.)
- Strong understanding of risks and internal controls as well as the ability to evaluate and determine the adequacy and effectiveness of controls
- Ability to effectively communicate with both technical and non-technical audiences, along with internal and external stakeholders
- Expertise with cybersecurity and privacy principles as well as controls used to manage data handling risks
- Familiar with application, infrastructure, and data security risks, threats, and vulnerabilities
- Comfortable working independently across verticals and organizational hierarchies
- Strong attention to detail, follow-through capabilities, and escalation of key issues
- Ability to independently organize, prioritize, and complete tasks in a high-pressure environment
- CISSP, CRISC, CISA, or related certifications preferred