Posted in

Senior Software Development Manager – Vulnerability Management

Senior Software Development Manager – Vulnerability Management

CompanyGeico
LocationAustin, TX, USA, Richardson, TX, USA, Bethesda, MD, USA
Salary$140000 – $300000
TypeFull-Time
DegreesBachelor’s
Experience LevelSenior, Expert or higher

Requirements

  • 10+ years of professional software engineering experience, including software development lifecycle best practices
  • 5+ years of development in a large-scale, mission-critical environment
  • 5+ years of hands-on work experience supervising personnel in a technical environment
  • Experience in building highly scalable systems preferably in security domain in a hybrid cloud environment
  • Demonstrated experience with engineering excellence including secure coding practices, threat modeling, and DevSecOps
  • Excellent understanding and knowledge of application development life cycle methodologies such as agile software development, rapid prototyping, incremental value-add, synchronize, and stabilize
  • Strong leadership and team management skills
  • Excellent communication skills, both verbal and written
  • Ability to work under pressure and make decisions in challenging situations
  • Strong problem-solving skills, ability to think critically and ethically
  • Knowledge of at least a programming and scripting language such as Python, Java, C languages, JavaScript, GoLang, Rust
  • Expert understanding of application security frameworks, standards, and best practices (e.g., OWASP, SANS, NIST)
  • Experience with vulnerability scanning, CVE triaging, detection, risk assessment, prioritization, and remediation is a plus
  • Security-related certifications (such as CISSP, CISM, or CompTIA Security+) are a plus

Responsibilities

  • Develop and maintain a comprehensive Vulnerability Management engineering roadmap that aligns with industry best practices
  • Lead a team of software developers and security engineers in the execution of GEICO’s security strategies and action plans
  • Collaborate with technology engineering, product management, and other stakeholders to integrate security tooling into the software development lifecycle (SDLC)
  • Oversee the validation and prioritization of security vulnerabilities within services, applications and products
  • Provide expertise as required in security during the design, implementation, and the continual support of our products
  • Participate in the enhancement of security awareness and train developers and other relevant staff in secure coding practices
  • Establish metrics and regular reporting mechanisms for measuring security status and the effectiveness of the application and product security tooling
  • Respond to security incidents and provide post-mortem analysis to illuminate the root cause and prevent recurrence as necessary
  • Keep abreast of the latest security legislations, regulations, advisories, alerts, and vulnerabilities pertaining to the company and its mission
  • Identify and raise appropriate project risks, in addition to presenting detailed and implementable solutions or alternatives
  • Understand how requirements and design choices may impact systems across multiple areas
  • Report on your team’s progress for project and other key metrics, in addition to presenting detailed and implementable ideas for areas to further improve or influence product or project delivery
  • Initiate and support performance evaluation of team members
  • Cultivate a culture that motivates all levels of performers to higher levels of achievement
  • Execute change management processes and best practices, adapting approach as necessary

Preferred Qualifications

  • Proven success implementing large scale projects across multiple disciplines
  • Reputation as someone who engages with team members effectively
  • Identified as someone who genuinely cares about others and invests time and attention in career counseling others, focusing time and energy in encouraging associates to continue to grow and stretch into new roles or gain experience or skillsets needed to prepare for future roles
  • Deep understanding of multiple business domains as well as the application ecosystems they depend upon
  • Constructing, interpreting, and applying metrics to your work and decision making, able to use those metrics to identify correlation between drivers and results, and using that information to drive prioritization and action
  • Initiative and creativity in solving problems and driving innovation through others
  • Delivery of information in a clear and concise manner appropriate to the audience
  • Embracing ownership of both successes and failures, demonstrating leadership maturity
  • Ability to balance multiple assignments distributed across multiple teams and dependency areas
  • Confidence with decision making
  • Clearly able to see how projects interrelate and have a strategic impact
  • Ability to build and maintain a network of contacts
  • Continued understanding of and growth in emotional intelligence