Senior Security Engineer, Infrastructure Security

CLEAR - Corporate•New York, NY

1d•Onsite

About The Position

CLEAR is building THE secure identity company of the future. Our mission is to make experiences safer and easier—physically and digitally. With more than 38 million Members and a growing network of partners across the world, CLEAR's secure identity platform is transforming the way people live, work, and travel. Whether it’s at the airport, stadium, or throughout your everyday life, CLEAR unlocks the magic of frictionless experiences. As a Senior Security Engineer on the Infrastructure Security Engineering (ISE) team, you will help safeguard CLEAR’s core platforms across cloud, identity, and corporate endpoint controls. You’ll harden our AWS and Kubernetes environments, scale security controls through infrastructure-as-code, and partner with teams across Engineering, CorpIT, and Security to make secure-by-default the easiest path.

Requirements

6+ years of experience in infrastructure, cloud, or platform security, with hands-on responsibility for securing AWS-based environments at scale.
Strong understanding of modern infrastructure architectures: multi-account AWS, Kubernetes/EKS, containers, CI/CD, and microservices.
Deep familiarity with AWS security building blocks: IAM, organizations and SCPs, VPC/networking, KMS, logging/monitoring, and common security services.
Proficiency with infrastructure-as-code (Pulumi and/or Terraform) and scripting or general-purpose languages (e.g., Python, Go, or similar) to automate security controls and workflows.
Ability to explain complex infrastructure risks and tradeoffs to both deeply technical partners and non-technical stakeholders.
Experience in regulated or audited environments (e.g., PCI, SOC 2, FedRAMP, NIST 800-53) and translating requirements into pragmatic controls.

Responsibilities

Design, implement, and continuously improve security controls for our AWS and GCP accounts, Kubernetes clusters, and containerized workloads.
Embed guardrails into infrastructure-as-code (Pulumi/Terraform) and CI/CD so security is automated, repeatable, and testable.
Partner with platform and product teams to prioritize and remediate misconfigurations and vulnerabilities based on risk and business impact.
Ensure infrastructure access patterns align with Zero Trust principles (least privilege, just-in-time access, strong authentication).
Automate recurring security workflows (detections, reporting, evidence collection) to reduce manual toil and improve time to response.
Act as a trusted partner to Platform, SRE, and Product Engineering teams—supporting design reviews, offering practical guidance, and championing secure patterns that fit how teams actually build.