Distinguished Engineer - Security Engineering

GEICO is seeking a Distinguished Engineer of Security Engineering to provide strategic and technical direction for our user, development, and production security development engineering. You will proactively and holistically drive, lead, and support, Security detection and prevention strategies with proof and validation of our controls. You will help our business transformation as we transition from a traditional IT Security model to a tech organization with engineering excellence as its mission, while co-creating a culture of leveraging security to enable the business and protecting against the latest threats.

Our Distinguished Engineer works with other DEs and Security Engineers to innovate and lead new development initiatives, improve Security, and enhance existing systems while also identifying new opportunities with an offensive security mindset to find critical problems and solve at a rapid pace. You will help lead the confirmation our systems are protected through automated testing and continuous improvement to raise the bar and foster a proactive security culture which also enables the business without impact. The ideal candidate has deep technical expertise in leading security development functions and an attacker/ defender adversarial background.

Position Responsibilities

​​​As a Distinguished Engineer, you will: 

• Influence and educate leadership at all levels to bring a security minded approach to difficult challenges balancing usability and security.

• ​​Collaborate with product managers, team members, engineering leaders, and other security teams to solve complex problems with minimal business impact.

• Define strategic roadmaps for securing infrastructure with purposeful and functional security without impacting or unnecessary overhead.

• Be ​accountable for the quality, usability, and functionality of the solutions.

• Proactively identify opportunities to enhance security measures, streamline processes, and optimize tooling to fortify our environment against emerging threats.

• Develop and implement policies, standards, and guidelines to ensure compliance with industry regulations and frameworks, promoting security as an integral part of our operation by partnering with external teams and their leadership to implement.

• Drive automation initiatives, conduct advanced research, and develop proofs of concept to enhance our security capabilities and improve overall efficiency.

• Provide impactful demonstrations and communicate the value of our security measures to the business, highlighting the positive impact on efficiency, customer trust, and overall success.

• Work with our business partners to help prioritize and validate the urgency of mitigation of identified threats and/or non-compliance.

Qualifications:

• Broad experience in security domains including endpoint, identity, network, and collaboration security.

• Demonstrated fluency and specialization with at least one modern language such as Python or Go with examples of solutions at scale.

• Extensive experience in offensive and defensive security roles, with a strong hacker mindset.

• Experience communicating and presentation to senior staff with the ability to influence stakeholders.

• Experience in a multi-platform environment with Linux, Mac, Windows.

• Experience with multiple IaaS platforms from top tier providers.

• ​Experience with solving security control requirements with engineering approaches.

• Ability to excel in a fast-paced, startup-like environment.

• Exemplary ability to design, perform experiments, and influence security detection and protection solutions.

• Strong knowledge of industry-standard security tools, frameworks, and best practices.

• Experience working with auditors and demonstrating security controls.

Experience:

• 10+ years in a dedicated security role, preferably in the tech industry

• 4+ years of experience with AWS, GCP, Azure, or other cloud providers

• 3+ years in a leadership role influencing company direction on security

• 3+ year in penetration testing, writing reports and determining countermeasures.

• History of publications, social media commentary, and/or presenting in related topics.

• Experience applying security controls to exceed third party attestation requirements (PCI, SOC, …).

Education:

• Bachelor’s degree in computer science, Cyber Security, or equivalent education with work experience.

• Third party certifications on penetration testing/ethical hacking, exploit detection and evasion techniques, and related.

Annual Salary

The above annual salary range is a general guideline. Multiple factors are taken into consideration to arrive at the final hourly rate/ annual salary to be offered to the selected candidate. Factors include, but are not limited to, the scope and responsibilities of the role, the selected candidate’s work experience, education and training, the work location as well as market and business considerations.

Benefits:

As an Associate, you’ll enjoy our Total Rewards Program* to help secure your financial future and preserve your health and well-being, including:

• Premier Medical, Dental and Vision Insurance with no waiting period**
• Paid Vacation, Sick and Parental Leave
• 401(k) Plan
• Tuition Reimbursement
• Paid Training and Licensures

*Benefits may be different by location.  Benefit eligibility requirements vary and may include length of service.

**Coverage begins on the date of hire. Must enroll in New Hire Benefits within 30 days of the date of hire for coverage to take effect.

The equal employment opportunity policy of the GEICO Companies provides for a fair and equal employment opportunity for all associates and job applicants regardless of race, color, religious creed, national origin, ancestry, age, gender, pregnancy, sexual orientation, gender identity, marital status, familial status, disability or genetic information, in compliance with applicable federal, state and local law. GEICO hires and promotes individuals solely on the basis of their qualifications for the job to be filled.

GEICO reasonably accommodates qualified individuals with disabilities to enable them to receive equal employment opportunity and/or perform the essential functions of the job, unless the accommodation would impose an undue hardship to the Company. This applies to all applicants and associates. GEICO also provides a work environment in which each associate is able to be productive and work to the best of their ability. We do not condone or tolerate an atmosphere of intimidation or harassment. We expect and require the cooperation of all associates in maintaining an atmosphere free from discrimination and harassment with mutual respect by and for all associates and applicants.