Staff Security Engineer - Vulnerability Management Engineering (Remote)

GEICO is seeking an experienced fullstack engineer with a deep technical expertise and passion for building highperformance low maintenance zerodowntime and highly scalable systems. The ideal candidate has a proven track record of design development and implementation of scalable solutions in hybrid environments using commercial and opensource products preferably in Cybersecurity domain. This role will be responsible for leading enterprise initiatives and collaboration with crossfunctional teams as well as designing and implementing secure and scalable solutions to drive Vulnerability Management initiatives.

As a Staff Engineer youre not just a technical expertyoure a lead a problem solver an innovator who thrives in a fastpaced constantly evolving environment. You will turn complex security challenges into elegant practical solutions while fostering collaboration across teams and stakeholders. You have exposure to Cybersecurity and are wellversed with Vulnerability Management Lifecycle asset discovery internal/external scans contextualization and riskbased assessment triaging of CVEs detection authoring security data pipeline reporting and remediation.

Staff Engineer works closely with infrastructure development product and other organizations across GEICO to integrate security into the ecosystem from design through deployment to sustainable operations. The Staff Engineer brings in expertise in requirements identification feasibility analysis secure infrastructure designs technology evaluation and selection and implementation of scalable systems using CI/CD and DevSecOps to raise the bar on engineering excellence and security best practices.

As a Staff Engineer you will:

• Provide technical leadership for cybersecurity program strategy software development integration decisions analyzing design constraints and tradeoffs in system and security design

• Lead design development and delivery of security solutions to drive Vulnerability Management initiatives.

• Deliver automation initiatives conduct advanced research and develop proofs of concept to enhance our security capabilities and improve overall efficiency

• Achieve security business outcomes through force multiplication

• Develop integrate and maintain multilevel cybersecurity designs architectures policies and procedures

• Provide secure design guidance and recommendations to developers infrastructure and product engineers

• Influence and educate partner teams to bring an engineering first approach to develop sustainable security systems.

• Mentor peers and team members in security technologies enterprise solution design deployment and effective customer interaction

• Provide motivating demonstrations and communications to show the value of our security measures to the business highlighting the low impact on systems improved operability and resiliency

Qualifications

• Tech lead with fullstack software development and DevSecOps experience in a hybrid environment (AWS Azure onprem)

• Development and leadership in Cybersecurity domain preferably in Vulnerability Management Engineering

• Specialization with at least one modern languages such as Java Go Python or C# and a scripting language

• Extensive knowledge and experience of building data intensive largescale distributed systems on cloud

• Experience building the architecture and design of new and current systems (architecture design patterns reliability and scaling)

• Fluency in DevOps concepts and best practices in CI/CD pipelines and infrastructure as a code

• Experience with application performance monitoring tools and performance assessments

• Ability to design implement deploy and operate systems to solve complex security problems in a fastpaced startuplike environment

• Strong knowledge of industrystandard security tools frameworks and best practices including MITRE CIS and NIST

• Experience working with auditors and demonstrating security controls

Experience

• 6 years of noninternship professional software engineering experience of building largescale distributed systems

• 4 years of experience with architecture and design in a tech lead role

• 4 years of experience with AWS GCP Azure or other cloud providers

• 3 years of experience in opensource frameworks

• Foundational knowledge of security best practices for system design and development

• Experience of building applications for security domain

• Experience of assessing security vulnerabilities and driving their remediation is a plus

• A professional security certifications (e.g. CISSP CCSP CSSLP) is a plus

Education

• Bachelors degree in Computer Science Information Systems Cyber Security or equivalent education with work experience

Annual Salary

The above annual salary range is a general guideline. Multiple factors are taken into consideration to arrive at the final hourly rate/ annual salary to be offered to the selected candidate. Factors include but are not limited to the scope and responsibilities of the role the selected candidates work experience education and training the work location as well as market and business considerations.

The GEICO Pledge:

Great Company:At GEICO we help our customers through lifes twists and turns. Our mission is to protect people when they need it most and were constantly evolving to stay ahead of their needs.

Were an iconic brand that thrives on innovation exceeding our customers expectations and enabling our collective success. From day one youll take on exciting challenges that help you grow and collaborate with dynamic teams who want to make a positive impact on peoples lives.

Great Careers:We offer a career where you can learn grow and thrive through personalized development programs created with your career and your potential in mind. Youll have access to industry leading training certification assistance career mentorship and coaching with supportive leaders at all levels.

Great Culture:We foster an inclusive culture of shared success rooted in integrity a bias for action and a winning mindset. Grounded by our core values we have an an established culture of caring inclusion and belonging that values different perspectives. Our teams are led by dynamic multifaceted teams led by supportive leaders driven by performance excellence and unified under a shared purpose.

As part of our culture we also offer employee engagement and recognition programs that reward the positive impact our work makes on the lives of our customers.

Great Rewards:We offer compensation and benefits built to enhance your physical wellbeing mental and emotional health and financial future.

• Comprehensive Total Rewards program that offers personalized coverage tailormade for you and your familys overall wellbeing.
• Financial benefits including marketcompetitive compensation; a 401K savings plan vested from day one that offers a 6% match; performance and recognitionbased incentives; and tuition assistance.
• Access to additional benefits like mental healthcare as well as fertility and adoption assistance.
• In office and remote opportunities as well as our signature GEICO Flex program offering the ability to work remotely for up to four weeks per year.

The equal employment opportunity policy of the GEICO Companies provides for a fair and equal employment opportunity for all associates and job applicants regardless of race color religious creed national origin ancestry age gender pregnancy sexual orientation gender identity marital status familial status disability or genetic information in compliance with applicable federal state and local law. GEICO hires and promotes individuals solely on the basis of their qualifications for the job to be filled.

GEICO reasonably accommodates qualified individuals with disabilities to enable them to receive equal employment opportunity and/or perform the essential functions of the job unless the accommodation would impose an undue hardship to the Company. This applies to all applicants and associates. GEICO also provides a work environment in which each associate is able to be productive and work to the best of their ability. We do not condone or tolerate an atmosphere of intimidation or harassment. We expect and require the cooperation of all associates in maintaining an atmosphere free from discrimination and harassment with mutual respect by and for all associates and applicants.