Red Team Operator
CLEAR makes life easier and more secure by using biometrics – your fingerprints, eyes and face – to confirm that you are you, and keep you moving. Imagine a world where you can do virtually everything you need to – breeze through the airport, buy a beer at the game, check-in at the doctor’s office, access your office building, and more – without ever pulling out your wallet or phone. Now in 45+ airports and other venues nationwide, you are your ID, credit card, ticket, reservation and more with CLEAR.
We’re defining and leading an entirely new industry, moving quickly with data-informed decisions, obsessing over our customers, and investing in great people to lead the way. Recently named on CNBC’s Disruptor 50 List and winner of the SXSW Interactive Innovation Award, we’re working tirelessly to create frictionless customer experiences for our 3+ million members across the country.
We are looking for a Red Team Operator to join our team. This position requires an established expert responsible for scoping engagements, presenting results and methodologies, and working with stakeholders across multiple business units to remediate findings. You will be responsible for identifying and testing new tools, techniques and methods used for penetration testing activities.
What You Will Do:
- Conduct CLEAR's Red Team exercises, including penetration testing, Red/Blue teaming programs, and Cybersecurity tabletop exercises
- Summarize the exercise for senior leadership, including areas of success and areas of opportunities.
- Drive the team's identification and remediation of any findings, in collaboration with the larger team, as well as security business and information technology partners.
- Work closely with other groups within the security organization in order to develop the strong partnerships required to meet technology goals
- Integrate the designs for secure application, network, and product development supporting business intelligence.
Who You Are:
- 3-5 years of experience in penetration testing, vulnerability management, or ethical hacking required.
- Experience with at least one of the following scripting languages (PowerShell, Bash, Python, Ruby, Node.js)
- Passion for protecting networks, systems and data from cyber attacks
- Experience performing application security source code reviews.
- You have lead an enterprise wide cybersecurity internal assessment, including a knowledge of control strategies for a global organization
- Programming experience in one or more languages such as Python, Ruby, Perl, Bash, JavaAdvanced knowledge of operating and database security (Windows, UNIX/Linux, SQL, Oracle, etc)
- Capable of managing multiple penetration test engagements, from cradle to grave, at the same time
- Demonstrated and proven knowledge of tactics used by malicious insiders, techniques and procedures associated with state sponsored threat actors: must be able to examine an organization from the standpoint of a threat actor and articulate risk in clear, precise terms.