Director, Technology Assurance & Compliance

Clear, New York, NY 10007

Posted 2 months ago

CLEAR's mission is to strengthen security and create frictionless experiences. We believe you are you and by using your biometrics - your eyes, face, and fingerprints - we keep you moving. Imagine a world where you can do virtually everything you need to - breeze through the airport, buy a beer at the game, check-in at the doctor's office, access your office building, and more - without ever pulling out your wallet. CLEAR is currently available in 50+ airports, stadiums and venues nationwide. Now with Health Pass, CLEAR securely connects a person's digital identity to multiple layers of COVID-related insights to help reduce public health risk and restore peace of mind.

We're defining and leading an entirely new industry, obsessing over our customers, and investing in great people to lead the way. Recently named on CNBC's Disruptor 50 List for the second year in a row and winner of the SXSW Interactive Innovation Award, CLEAR is providing innovative technology options for businesses and our 5+ million members to help create a safer environment no matter where you go.

CLEAR is seeking a Director of Technology Assurance & Compliance. The right person for this role has a strong drive to solve security challenges within a rapidly expanding environment, and the desire to implement best-in-class security measures using cutting edge technology. This individual will work in CLEAR's GRC team, partnering heavily with Infrastructure, DevOps, and Security Engineering teams in a cloud-native environment. Technology Assurance & Compliance will focus on interfacing with key external regulators and business partners (audit response, contract review, etc.), managing internal regulatory standard compliance efforts, and working with teams to brainstorm compliant solutions and remediate any outstanding compliance issues. This individual will have solid experience in cyber & IT regulatory compliance (FISMA, NIST 800-53, PCI-DSS, HIPAA, etc.), demonstrated success in working with Federal agencies and governing bodies, responding to IT or security audits and compliance attestations, and performing information assurance and compliance assessments.

What You Will Do:

  • Maintain security and establish functional requirements for security measures.

  • Coordinate with business area managers and professional staff to ensure information system security compliance.

  • Be the focal point for interactions with Federal agency regulators and auditors

  • Work with CLEAR's various Government programs and security staff to complete required Systems Security Plans (SSPs).

  • Define, create and maintain the documentation for certification and accreditation of each information system in accordance with government and regulatory requirements.

  • Assess the compliance impacts of system modifications and technological advances.

  • Review systems to identify potential security weaknesses and recommend improvements to remediate vulnerabilities

  • Be responsible for authentication of hardening hardware and software systems against external or internal threats.

  • Assess remediations, changes, upgrades and documentation revisions for alignment with CLEAR's business critical security frameworks

  • Lead security control assessments and audits

  • Recommend changes to information security policies

  • Monitor and review updates to regulations, frameworks and contracts (NIST 800-53, PCI-DSS, HIPAA)

  • Communicate updates to technology and business owners

  • Document changes to policy, such as new and enhanced controls

  • Provide tracking procedures to ensure policies are developed and maintained by technical and business owners

  • Respond to business partner security inquiries & audits and ensure that any findings are remediated in a timely fashion

  • Participate in the selection of information security solutions

  • Respond to inquiries from staff, administrators, service providers, site personnel and outside vendors, to provide technical assistance and support

Who You Are:

  • 7+ years of information systems security or related auditing experience

  • Experience with information systems security standards and practices (NIST 800-53, PCI-DSS, HIPAA, etc.)

  • Familiar with Federal ATO process and able to produce appropriate documentation and evidence (CDRs, SSPs, etc.)

  • Able to balance business priorities/initiatives with sound risk management

  • Familiar with risk management processes (e.g., methods for assessing and mitigating risk)

  • Expertise with cybersecurity and privacy principles and controls used to manage risks related to the use, processing, storage, and transmission of information or data

  • Conversant with system and application security risks, threats and vulnerabilities

  • Familiar with network security architecture concepts: including topology, protocols, components, and principles (e.g., application of defense-in-depth)

  • Understand technology, management, and leadership issues related to organization processes and problem solving

  • Understand advanced concepts and issues related to cyber security and its organizational impact

  • Because of the constantly developing nature of information systems and cyber attacks, you must be committed to continuous learning and system knowledge

  • Working knowledge of cloud, container, and network security

  • Excellent oral and written communication skills in both a technical & non-technical environment

  • Highly analytical and effectively able to troubleshoot and prioritize needs, requirements and other issues

  • Strong problem-solving skills, detail orientation, follow-through capabilities and escalation of key issues

  • Ability to work with diverse personalities within various levels of the organization

  • Ability to manage multiple issues at one time

  • Strong ability to analyze, consolidate and communicate complex technical topics to all levels of staff including but not limited to IT executives, business/technical managers, developers and system administrators in verbal and written form

  • Ability to independently organize, prioritize and follow-up on tasks in a high-pressure environment

  • Can work effectively in a dynamic environment where shifting priorities frequently alter work plans

  • Established security certifications such as CISSP, CRISC, etc. preferred
