Build Your Career in Cybersecurity -
YOUR WAY

Summary

We are looking for a Senior Application Security Engineer to join our growing team. As a Senior Application Security Engineer, you will have the opportunity to take your penetration and overall application security testing to the next level. Our team performs everything from biometric and Web security testing to remediation, as well as creating automated security products, enabling stakeholders across CLEAR to deliver secure software.

​

Company Overview

Have you ever had that green-light feeling? When you hit every green light and the day just feels like magic. CLEAR's mission is to create frictionless experiences where every day has that feeling. With more than 27+ million passionate members and hundreds of partners around the world, CLEAR’s identity platform is transforming the way people live, work, and travel. Whether it’s at the airport, stadium, or right on your phone, CLEAR connects you to the things that make you, you - unlocking easier, more secure, and more seamless experiences - making them all feel like magic.

• Partner with the company’s Product, Software Engineering, DevOps, and IT teams
• Perform security risk assessments, manual penetration security testing, automate security testing, threat modeling, and develop/conduct education on secure coding
• Deliver security products and consult with DevOps, as part of a high-profile security team, supporting automated security testing as part of CLEAR’s next generation CI/CD pipelines
• Lead internal and external penetration tests across CLEAR’s most critical assets, as well as triage issues with internal stakeholders for remediation
• Develop functional and non-functional security requirements
• Conduct security assessments, code reviews, and penetration tests to identify vulnerabilities in applications and software
• Implement and manage security tools, including SAST, DAST, SCA, and other security automation frameworks

Required Qualifications

• Minimum of 5 years of experience in software development and implementing security into SDLC processes; Minimum 2 years relevant architecture experience with expert level knowledge of application systems design and integration
• Comprehensive knowledge, experience, & understanding of testing for the OWASP Top 10 or CWE Top 25, including PoCs, automating attacks, and secure code remediation
• Excellent interpersonal communication skills. Can explain very technical topics to all audiences and break down vulnerabilities to both developers and leadership
• Strong understanding of Software Security Architecture and Design, SDLC, CI/CD, and the ability to clearly articulate best practices for application security
• Experience with evaluating, deploying, and managing application security tools (e.g. DAST, SAST, IAST, RASP, WAF) and building strong vendor relationships
• Familiarity with one or more industry standards and regulations such as PCI, NIST 800-53, FedRAMP and ISO27001
• Strong programming and scripting experience in Python, BASH, Go, Java, JavaScript or similar
• Experience using security testing tools such as Burp Suite, Metasploit, OWASP ZAP, nmap, Frida, etc.
• Experience with mobile platform-specific security, privacy, and permission concepts for iOS & Android mobile platforms as well as mobile technologies such as WebViews, TouchID/FaceID API, etc.

At CLEAR we help YOU move forward - because when you’re at your best, we’re at our best. You’ll work with talented team members who are motivated by our mission of making experiences safer and easier. In our offices, you’ll enjoy benefits like meals and snacks. We invest in your well-being and learning & development with our stipend and reimbursement programs.

​

We offer holistic total rewards, including comprehensive healthcare plans, family building benefits (fertility and adoption/surrogacy support), flexible time off, free OneMedical memberships for you and your dependents, and a 401(k) retirement plan with employer match.

​

The base salary range for this role is $170,000 - $215,000, depending on levels of skills and experience.

​

The base salary range represents the low and high end of CLEAR’s salary range for this position. Salaries will vary depending on various factors which include, but are not limited to location, education, skills, experience and performance. The range listed is just one component of CLEAR’s total compensation package for employees and other rewards may include annual bonuses, commission, Restricted Stock Units.

​

CLEAR provides reasonable accommodation to qualified individuals with disabilities or protected needs. Please let us know if you require a reasonable accommodation to apply for a job or perform your job. Examples of reasonable accommodation include, but are not limited to, time off, extra breaks, making a change to the application process or work procedures, policy exceptions, providing documents in an alternative format, live captioning or using a sign language interpreter, or using specialized equipment.

Job Description Summary:

This position requires office presence of a minimum of 5 days per week and is only located in the location(s) posted. No relocation is offered.

​

Company Overview:

Join AT&T and reimagine the communications and technologies that connect the world. Our Chief Security Office ensures that our assets are safeguarded through truthful transparency, enforce accountability and master cybersecurity to stay ahead of threats. Bring your bold ideas and fearless risk-taking to redefine connectivity and transform how the world shares stories and experiences that matter. When you step into a career with AT&T, you won’t just imagine the future-you’ll create it.

​

About the Job:

This career step requires expert level experience. Responsible Product Management of UAM functions within the CSI IAM team Works with senior team members on various projects relating to User Access with the implementation of a SailPoint instance. Supports innovation, strategic planning, Road mapping, and Presentation to leadership and various other technical program management related tasks associated with the cyber security programs.

• Includes ideation, testing and support for various. Analysis, of complex security issues and the development and engineering activities to help mitigate risk.
• Analyzes various hardware and/or software solutions recommending purchases and identifying modifications to fit AT&T's cyber security needs and that of our managed services teams.
• Areas of work in this area include, but are not limited to: Cyber Incident Response, cyber product testing, cyber risk & strategic analysis, cyber research, cyber awareness & training, cyber vulnerability detection & assessment, cyber intelligence & investigation, cyber security application testing.

Required Qualifications:

• Expert level technical professional.
• Advisor on technical knowledge and ATT technologies.
• Knowledge and experience with IAM principles and functions required with UAM platform experience a must.
• Experience with SailPoint a strong plus.
• Additional experience with Privilege Access Management (PAM) solutions such as CyberArk also considered a strong plus.
• Typically requires 8-10 years experience.

​

Preferred Qualifications:

• Bachelors degree in Information Systems, Engineering, Mathematics or Cyber Security or equivalent experience.

Our Principal Cybersecurity, earns between $158,200.00-$237,400.00 USD Annual not to mention all the other amazing rewards that working at AT&T offers. Individual starting salary within this range may depend on geography, experience, expertise, and education/training.

​

Joining our team comes with amazing perks and benefits:

• Medical/Dental/Vision coverage
• 401(k) plan
• Tuition reimbursement program
• Paid Time Off and Holidays (based on date of hire, at least 23 days of vacation each year and 9 company-designated holidays)
• Paid Parental Leave
• Paid Caregiver Leave
• Additional sick leave beyond what state and local law require may be available but is unprotected.
• Adoption Reimbursement
• Disability Benefits (short term and long term)
• Life and Accidental Death Insurance
• Supplemental benefit programs: critical illness/accident hospital indemnity/group legal
• Employee Assistance Programs (EAP)
• Extensive employee wellness programs
• Employee discounts up to 50% off on eligible AT&T mobility plans and accessories, AT&T internet (and fiber where available) and AT&T phone.

​

#LI-Onsite – Full-time office role-

​

AT&T is leading the way to the future – for customers, businesses, and the industry. We're developing new technologies to make it easier for our customers to stay connected to their world. Together, we’ve built a premier integrated communications and entertainment company and an amazing place to work and grow. Team up with industry innovators every time you walk into work, creating the world you always imagined. Ready to #transformdigital with us?

Apply now!

Summary Information about the Role

Amazon Prime Air is looking for a Security Engineer to focus on our applications, systems, and infrastructure security. If you are seeking an iterative fast-paced environment where you can drive innovation, apply state-of-the-art technologies to solve large-scale real world delivery challenges, and provide visible benefit to end-users, this is your opportunity.

​

You are obsessed with customer trust. You have breadth and depth of security knowledge and can identify and advise on security across multiple areas of an organization. You will work to help other teams create solutions while developing strong security culture and practices.

​

You have industry-leading technical abilities and are strong in multiple domains. You work with groups throughout Amazon Prime Air to help them integrate security at all levels of their projects. You are involved in hands-on security assessments, develop and provide guidance, and advocate security engineering best practices. You proactively and continually improve your level of knowledge about Amazon’s business, information security, and relevant technologies.

​

If this sounds like you.... Come work on the Amazon Prime Air Information Security Team! We’re working on the future.

​

Company Overview

Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.

​

Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit https://amazon.jobs/content/en/how-we-hire/accommodations for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.

• Work with data scientists, software development engineers, and other security engineers across multiple teams to develop innovative security solutions
• Create, update, and maintain threat models for a wide variety of software projects
• Conduct Manual and Automated Secure Code Reviews
• Identify security gaps in applications, services, or products both internally developed and third party solutions

Required Qualifications

• Bachelor's Degree or MS in Computer Science/Engineering, Electrical Engineering, Information Security or related field, or equivalent work experience
• 2 years of experience in application, secure software or system design
• 2 years of experience in a development or security role working with development team(s) that delivered commercial software or software-based services
• Knowledge of system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits
• Knowledge of Threat modeling and security risk analysis

​

Preferred Qualifications

• Detailed technical knowledge in multiple areas of: security engineering, system and network security, authentication and security protocols, cryptography, and application security
• Knowledge of network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, BGP and other routing protocols)
• Strong scripting skills in one or more of the common languages (e.g., Perl, Python, Ruby, shell scripting)
• Experience with service-oriented architecture and web services security

NA