Cybersecurity Risk Analyst II
CLEAR · New York, NY · 6 days ago
On-siteFinance$119k–$140k/yrFull-time
What you'll do:
- Own CLEAR's third-party risk management program end-to-end, including vendor security assessments, due diligence, and ongoing monitoring across our partner ecosystem
- Lead the cyber risk management lifecycle by identifying, assessing, prioritizing, and tracking risks through remediation
- Translate complex technical risk into clear, actionable recommendations that enable business and engineering leaders to make informed decisions
- Develop and maintain meaningful risk metrics, dashboards, and reporting that provide leadership with visibility into CLEAR’s evolving cyber risk posture
- Partner with Engineering, Product, Privacy, Legal, and Security teams to ensure security requirements are understood, implemented, and validated throughout the development lifecycle
- Identify and drive continuous process improvements that make risk management more scalable, efficient, and effective while reducing friction for internal stakeholders
- Support risk quantification initiatives by applying probabilistic and data-driven approaches to better measure, prioritize, and communicate risk
What you're great at:
- 3-5+ years of experience in cybersecurity risk management or a similar role, ideally in industries requiring high levels of data privacy and protection (e.g., technology, finance, healthcare)
- Communicating complex technical and business risk clearly to both technical and non-technical audiences
- Partnering with Engineering teams by asking thoughtful questions, understanding technical architectures, and challenging assumptions to improve security outcomes
- Staying organized and effectively balancing multiple priorities in a fast-paced, cross-functional environment
- Thriving in ambiguity by building structure, driving clarity, and delivering practical solutions
- Applying analytical and critical thinking skills to quickly understand new technologies, systems, and business domains
- Leveraging quantitative reasoning to support risk-based decision making; experience with FAIR or other cyber risk quantification frameworks is a plus
How You'll be Rewarded:
- Comprehensive healthcare plans
- Fertility and adoption/surrogacy support
- Flexible time off
- Annual wellness stipend
- Free OneMedical memberships for you and your dependents
- CLEAR Plus membership
- 401(k) retirement plan with employer match
Qualifications:
Clear the job title as a heading (the page already shows it) and do NOT put Job ID / requisition numbers as headings — fold minor metadata into a short
or drop it.
Preserve ALL substantive information; do NOT invent or summarize away detail. Remove cookie/navigation/legal/EEO/equal-opportunity/scam-warning boilerplate, duplicated lines, and application instructions.
IMPORTANT: include a section ONLY when the posting has real, specific content for it — never emit a heading followed by filler/placeholder text (e.g. "commensurate with experience", "not specified", "N/A", "varies", "TBD") and never create Pay/Schedule/Benefits sections unless the posting actually states them. Prefer a few substantive sections over many thin ones.