Staff Security Engineer – Vulnerability Management Engineering
Company | Geico |
---|---|
Location | Austin, TX, USA, Frederick, MD, USA, Bethesda, MD, USA |
Salary | $105000 – $260000 |
Type | Full-Time |
Degrees | |
Experience Level | Senior, Expert or higher |
Requirements
- Tech lead with full-stack software development and DevSecOps experience in a hybrid environment (AWS, Azure, on-prem)
- Development and leadership experience in the cybersecurity domain, preferably in Vulnerability Management Engineering
- Specialization in at least one modern language such as Java, Go, Python or C#, and a scripting language
- Extensive knowledge of and experience building data-intensive, large-scale distributed systems in the cloud
- Experience building the architecture and design of new and current systems (architecture, design patterns, reliability, and scaling)
- Fluency in DevOps concepts and best practices in CI/CD pipelines and infrastructure as code
- Experience with application performance monitoring tools and performance assessments
- Ability to design, implement, deploy, and operate systems to solve complex security problems in a fast-paced, startup-like environment
- Strong knowledge of industry-standard security tools, frameworks, and best practices including MITRE, CIS and NIST
- Experience working with auditors and demonstrating security controls
Responsibilities
- Provide technical leadership for cybersecurity program strategy, software development, integration decisions, analyzing design constraints and trade-offs in system and security design
- Lead design, development, and delivery of security solutions to drive Vulnerability Management initiatives
- Deliver automation initiatives, conduct advanced research, and develop proofs of concept to enhance our security capabilities and improve overall efficiency
- Achieve security business outcomes through force multiplication
- Develop, integrate, and maintain multilevel cybersecurity designs, architectures, policies, and procedures
- Provide secure design guidance and recommendations to developers, infrastructure, and product engineers
- Influence and educate partner teams to bring an engineering-first approach to developing sustainable security systems
- Mentor peers and team members in security technologies, enterprise solution design, deployment, and effective customer interaction
- Provide motivating demonstrations and communications to show the value of our security measures to the business, highlighting the low impact on systems, improved operability and resiliency
Preferred Qualifications
- 6+ years of non-internship professional software engineering experience building large-scale distributed systems
- 4+ years of experience with architecture and design in a tech lead role
- 4+ years of experience with AWS, GCP, Azure, or other cloud providers
- 3+ years of experience in open-source frameworks
- Foundational knowledge of security best practices for system design and development
- Experience building applications for the security domain
- Experience assessing security vulnerabilities and driving their remediation is a plus
- A professional security certification (e.g., CISSP, CCSP, CSSLP) is a plus