Senior Product Security Engineer
at Clear
New York, United States (On-site)
Posted 1 week ago
Responsibilities
- Monitor and triage findings from Wiz, Tenable, GHAS, and other scanners, ensuring issues are routed to the right owners with the right context and priority.
- Manage our centralized VM platform, which aggregates findings across Wiz, Tenable, GHAS, and other sources, and ensure consistent normalization, deduplication, and ownership mapping (e.g., by AWS tags, teams, or services) so we have a single, trustworthy view of risk.
- Manage CLEAR’s risk scoring and SLA models (High/Critical, “Most Wanted” assets, etc.) within the VM platform and make sure we are tracking overdue findings, SLA adherence, backlog trends, and top risky assets/teams.
Requirements
- Whether it’s at the airport, stadium, or throughout your everyday life, CLEAR unlocks the magic of frictionless experiences.
- You’ll operate the tools that surface risk (like Wiz, Tenable, and GitHub), turn findings into clear, actionable work, and partner with engineering teams to drive down real-world risk. Not just tickets.
- Participate in regular triage / review sessions, help prioritize backlog items, and follow through to ensure high‑risk issues are validated and closed in the source tools (not just Jira).
- Cleaner, more accurate vulnerability data with fewer duplicates and orphaned tickets; consistent mapping between scanner findings, Jira issues, and asset/ownership data across Wiz, Tenable, and other tools.
- Operational efficiency and predictability with less manual reconciliation across tools and spreadsheets; more of the VM workflow (triage, routing, validation, reporting) running through standard playbooks and automation.
- experience in security engineering or product security, ideally in a cloud‑first or SaaS environment.
- Hands‑on experience working with at least one modern vulnerability or exposure management stack (e.g., Wiz, Tenable, Rapid7, GHAS, or similar).
- Understanding of end‑to‑end VM workflows: scanning, triage, risk scoring, ticketing, validation, and reporting.
- Working knowledge of modern cloud and infrastructure patterns (AWS preferred), including how services, hosts, containers, and repos map to real teams and products.
- Experience supporting regulated environments (e.g., FedRAMP, PCI, SOC2) and preparing vulnerability‑related evidence for audits.
Experience
- What you’re great at: 6+ years of
Benefits
- Outside of the office, we invest in your well-being and learning & development with stipends and reimbursement programs.
- We offer holistic total rewards, including comprehensive healthcare plans, family-building benefits (fertility and adoption/surrogacy support), flexible time off, annual wellness stipend, free OneMedical memberships for you and your dependents, a CLEAR Plus membership, and a 401(k) retirement plan with employer match.
- The total compensation range for this role is $225,000-$300,000, depending on levels of skills and experience.
- This range represents the combined base salary and new hire equity package (in Restricted Stock Units) for this position at CLEAR.
- Additionally, this role will be eligible for refresh equity grants as part of our ongoing compensation program.
- Actual compensation will vary based on factors including, but not limited to, location, education, skills, experience, and performance.
- All stock based compensation will be subject to the terms and conditions of applicable agreements.
- Examples of reasonable accommodation include, but are not limited to, time off, extra breaks, making a change to the application process or work procedures, policy exceptions, providing documents in an alternative format, live captioning or using a sign language interpreter, or using specialized equipment.
Contact
- All communications related to this role will come directly from a CLEAR employee through valid CLEAR channels (e.g., a valid @clearme.com email address or verified CLEAR LinkedIn profile).
Additional details
- CLEAR is building THE secure identity company of the future.
- Our mission is to make experiences safer and easier—physically and digitally.
- With more than 38 million Members and a growing network of partners across the world, CLEAR's secure identity platform is transforming the way people live, work, and travel.
- As a Senior Product Security Engineer on our Product Security team you’ll help run and evolve CLEAR’s vulnerability management program across cloud, infrastructure, endpoints, and applications.
- Work directly with code, cloud, and endpoint teams to clarify findings, group related issues, and translate scanner output into concrete remediation plans that fit their roadmaps.
- Partner with engineering to get fixes shipped
- Contribute to VM process and tool improvements with enhancements to connectors, data quality checks, scorecards, runbooks, and how‑to guides so vulnerability management processes are repeatable and easy to onboard to.
- Improved remediation outcomes with a reduction in High/Critical vulnerabilities out of SLA, especially on top-risk assets and services, and visible burn‑down in dashboards and scorecards.
- Trust in reporting as Security, Engineering, and Compliance stakeholders rely on VM dashboards as the single source of truth for vulnerability posture, SLAs, and exceptions.
- Strong written and verbal communication skills; can explain vulnerabilities, risk tradeoffs, and SLAs to both deeply technical engineers and non‑technical stakeholders.