At GEICO, the business problem is to protect enterprise-wide assets through collaboration with cross-functional teams and to maintain a strong security posture for the company by integrating security into the ecosystem from design through deployment to sustainable operations.
Requirements
- 10+ years of professional software engineering experience, including software development lifecycle best practices
- 5+ years of development in a large-scale, mission-critical environment
- 5+ years of hands-on work experience supervising personnel in a technical environment
- Experience in building highly scalable systems, preferably in the security domain, in a hybrid cloud environment.
- Demonstrated experience with engineering excellence including secure coding practices, threat modeling, and DevSecOps.
- Knowledge of at least one programming and scripting language, such as Python, Java, C languages, JavaScript, GoLang, or Rust.
- Understanding of application security frameworks, standards, and best practices (e.g., OWASP, SANS, NIST)
Responsibilities
- Develop and maintain a comprehensive Vulnerability Management engineering roadmap that aligns with industry best practices.
- Lead a team of software developers and security engineers in the execution of GEICO’s security strategies and action plans.
- Collaborate with technology engineering, product management, and other stakeholders to integrate security tooling into the software development lifecycle (SDLC).
- Oversee the validation and prioritization of security vulnerabilities within services, applications and products.
- Provide security expertise as required during the design, implementation, and continual support of our products.
- Participate in the enhancement of security awareness and train developers and other relevant staff in secure coding practices.
- Establish metrics and regular reporting mechanisms for measuring security status and the effectiveness of the application and product security tooling.
Other
- Proven success implementing large-scale projects across multiple disciplines
- Reputation as someone who engages with team members effectively
- Identified as someone who genuinely cares about others and invests time and attention in counseling others on their careers
- Bachelor’s degree in Computer Science, Cyber Security, or equivalent education with work experience
- Ability to work under pressure and make decisions in challenging situations