Identity Security Distinguished Engineer REMOTE
Identity Security Distinguished Engineer REMOTE
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
$ 150000 - 300000
1 Vacancy
Job Description
GEICO is seeking an Identity Security Distinguished Engineer to provide security specific strategic and technical direction for our identity and access management solutions with our user development and production domains. This individual will play a lead role within GEICOs Cybersecurity team with a focus on defensive and protective controls compliance and governance automation and driving modernization in our identity strategy.
Our Distinguished Engineer will be the technical and engineering lead for a team of engineers who proactively and holistically deliver secure IAM configuration threat detection strategic partnership on the IAM roadmap and create automated proof and validation of our controls. You will help our business transformation as we transition from a traditional IT Security model to a tech organization with engineering excellence as its mission while cocreating a culture of leveraging security to enable the business and protecting against the latest threats.
You will innovate and lead new initiatives improve Security enhance existing systems while also identifying new opportunities with an offensive security mindset to find critical problems and solve at a rapid pace. You will help lead the confirmation our systems are protected through automated testing and continuous improvement to raise the bar and foster a proactive security culture which also enables the business without impact. The ideal candidate has deep technical expertise in this domain and an attacker/defender adversarial background.
Job Responsibilities
As a Distinguished Engineer you will:
Influence and educate staff at all levels to bring a security minded approach to difficult challenges balancing usability and security.
Provide technical guidance and mentorship to the team fostering a culture of innovation collaboration and continuous improvements.
Collaborate with crossfunctional leaders team members IAM engineering and peer security teams to solve complex problems with minimal business impact.
Proactively identify opportunities to enhance security measures streamline processes and optimize tooling to fortify our environment against emerging threats.
Deliver automation initiatives conduct advanced research and develop proofs of concept to enhance our security capabilities and improve overall efficiency.
Help develop and implement engineered automation to ensure compliance with industry regulations and frameworks which demonstrates without manual efforts.
Work with our business partners to help derive and validate mitigation techniques for identified threats and/or noncompliance.
Define roadmaps for securing various identities with purposeful and functional security without impacting or unnecessary overhead.
Automated adversarial testing of our identity systems to ensure detection mechanisms function appropriately and efficiently.
Provide motivating demonstrations and communications to show the value of our security measures to the business highlighting the low impact on systems improved operability and resiliency.
Qualifications:
Extensive experience in identity products and protocols products Active Directory Kerberos LDAP SAML SCIM OAuth and OIDC.
Deep skills in privileged access management tools and services (build/buy).
Extensive experience in offensive and defensive security roles with a strong hacker mindset.
Experience building and designing (architecture design patterns reliability and scaling) of security systems with microservices and extensible REST APIs.
Experience communicating and presentation to senior and junior staff with the ability to influence stakeholders.
Experience in a multiplatform environment with Linux Mac Windows.
Experience with multiple IaaS platforms from top tier providers.
Experience with solving security control requirements with engineering approaches.
Ability to excel in a fastpaced startuplike environment.
Ability to design perform experiments and influence security detection and protection solutions.
Strong knowledge of industrystandard security tools frameworks and best practices including ITDR EPM MITRE CIS and NIST.
Demonstrated fluency and specialization with at least one modern language such as Python or Go.
In depth expertise in cryptographic protocols digital certificates and encryption standards such as X.509 Transport Layer Security (TLS) and Advanced Encryption Standard (AES).
Experience working with auditors and demonstrating security controls.
Experience:
8 years in a dedicated security role preferably in the tech industry
5 years of experience with security identity architecture and design
5 years of experience with opensource frameworks is desired.
3 years of experience with AWS GCP Azure or other cloud providers
3 years in a senior security role preferably architecture influencing company direction on security strategy.
Education with practical examples in penetration testing writing test scripts and determining countermeasures.
Experience applying security controls to exceed third party attestation requirements (PCI SOC .
Desired certifications: CISSP CISA CISM CCSK CCSP CEH CCISO and related GIAC.
Education:
Bachelors degree in Computer Science Cyber Security or equivalent education with work experience
Third party certifications on penetration testing/ethical hacking exploit detection and evasion techniques and related.
Annual Salary
$150000.00 $300000.00The above annual salary range is a general guideline. Multiple factors are taken into consideration to arrive at the final hourly rate/ annual salary to be offered to the selected candidate. Factors include but are not limited to the scope and responsibilities of the role the selected candidates work experience education and training the work location as well as market and business considerations.
Benefits:
As an Associate youll enjoy our Total Rewards Program* to help secure your financial future and preserve your health and wellbeing including:
- Premier Medical Dental and Vision Insurance with no waiting period**
- Paid Vacation Sick and Parental Leave
- 401(k) Plan
- Tuition Assistance
- Paid Training and Licensures
*Benefits may be different by location. Benefit eligibility requirements vary and may include length of service.
**Coverage begins on the date of hire. Must enroll in New Hire Benefits within 30 days of the date of hire for coverage to take effect.
The equal employment opportunity policy of the GEICO Companies provides for a fair and equal employment opportunity for all associates and job applicants regardless of race color religious creed national origin ancestry age gender pregnancy sexual orientation gender identity marital status familial status disability or genetic information in compliance with applicable federal state and local law. GEICO hires and promotes individuals solely on the basis of their qualifications for the job to be filled.
GEICO reasonably accommodates qualified individuals with disabilities to enable them to receive equal employment opportunity and/or perform the essential functions of the job unless the accommodation would impose an undue hardship to the Company. This applies to all applicants and associates. GEICO also provides a work environment in which each associate is able to be productive and work to the best of their ability. We do not condone or tolerate an atmosphere of intimidation or harassment. We expect and require the cooperation of all associates in maintaining an atmosphere free from discrimination and harassment with mutual respect by and for all associates and applicants.
Employment Type
Full-Time
