At GEICO, we offer a rewarding career where your ambitions are met with endless possibilities. Every day we honor our iconic brand by offering quality coverage to millions of customers and being there when they need us most. We thrive through relentless innovation to exceed our customers’ expectations while making a real impact for our company through our shared purpose. When you join our company, we want you to feel valued, supported and proud to work here. That’s why we offer The GEICO Pledge: Great Company, Great Culture, Great Rewards and Great Careers. GEICO is seeking an experienced Sr. Staff Engineer, Operations Engineer with a passion for managing complex programs across multiple departments and team to build Product Security operational excellence from the ground up. You will help drive our business transformation as we transition from a traditional IT model to a tech organization with engineering excellence as its mission. The Sr. Staff Engineer, Operations is a key member of the Product Security leadership team working across the organization to ensure successful delivery of effective security controls and prioritization of initiatives and issue management. In this role you will own a portfolio of initiatives such as compliance, engineering and operational excellence and vendor engagement. This is beyond technical project management and requires a background in building teams, delivering solutions and proving success with KPIs and visible metrics. The ideal candidate will have excellent communication skills, real world examples in engaging the right technical partners and leadership to drive towards solutions and get people working together. ​​​As a Sr Staff Engineer, you will lead efforts to identify, plan, and deliver program security outcomes by independently engaging a broad set of internal and external stakeholders. This also includes the following: Monitor and track signals of security gaps, initiative delays, compliance risks due to system issues, and drive resolution.

Create visuals on current performance and risk indicators related to product security initiatives and operations.

Help to develop standards on reporting product security tool effectiveness, maturity, resilience and other factors in determining risks as they come up.

Help drive automation of routine tasks to drive growth in security protection and detection technologies.

Provide expert guidance, demonstrations and lead discussions on security best practices to stakeholders and leadership.

Works in lockstep with our CSIRT, GRC, Platform Security, Development/Product organizations and Technology partner teams to ensure protection coverages, proper detection event notifications, documentation and standards we can all use.

Organize, store and manage operational best practices documentation for security solutions to protect our business products including applications, services, code and associated repositories, infrastructure as code (IaC), and code related to deployment pipelines.

Partner with the project sponsors, delivery teams, and stakeholders to deliver quality solutions on time and within budget by coordinating project activities across multiple systems, departments, and teams.

Create, maintain, and actively manage a detailed project schedule, change control process, and documentation.

Identify and raise appropriate security risks, in addition to presenting detailed and implementable solutions or alternatives, and drive those campaigns to resolution.

Qualifications Demonstrated understanding of application security tooling and testing including, SAST, DAST, SCA, etc. as well as cross-functional awareness of security operations including SOC, Incident Response, Privacy, Legal, Vulnerability Management, and Data Protection.

Familiar with OWASP projects and implementation within the product security organization such as, Web Top Ten, API Top Ten, Mobile Top Ten and ASVS.

Knowledge of data access languages such as SQL and GraphQL and the ability to construct queries against data sources.

Extensive experience in engineering and solution delivery in a dynamic service provider environment.

Strong knowledge of project management methodologies and best practices.

Proven track record of successfully managing large/complex projects across cross-functional teams, building processes and coordinating delivery

Working knowledge of security services and their impact on production systems including runtime protection services, detective and protective agents and/or daemon sets, vulnerability and application scanning, etc..

Experience in a multi-cloud environment including AWS, Azure, and/or Google Cloud.

Experience communicating and presenting to senior and junior staff with the ability to influence development partners and stakeholders.

Detail and deadline oriented with effective organizational and analytic skills

Strong critical thinking, problem solving, decision making, and analytical skills

Outstanding time management skills and attention to detail

Excellent verbal/written communication skills, including the ability to clearly document findings, proposals, issues, and status

Experience with continuous delivery

Self-motivated and able to work independently while coordinating activities with cross-divisional teams

Effective leadership qualities, ability to influence without direct management authority

​Ability to excel in a fast-paced, startup-like environment.

Knowledge of industry-standard security control frameworks including NIST, PCI, SOX, NYDFS.

Preferred Qualifications: Knowledge in a hybrid cloud environment such including Containerization, VMs, CI/CD pipeline, IaC

Experience defining KPI’s/SLA’s used to drive multi-million-dollar businesses and reporting to senior leadership.

Experience 8+ years in engineering focused role, preferably in the tech industry

4+ years of experience with AWS, GCP, Azure, or other cloud providers

4+ years in a senior role influencing company direction

Experience applying engineering to meet or exceed third party attestation requirements (PCI, SOX, …).

Education Bachelor’s degree in Computer Science, Cyber Security, or equivalent education with work experience

Third party certifications on engineering related technologies.

Annual Salary $115,000.00 - $260,000.00 The above annual salary range is a general guideline. Multiple factors are taken into consideration to arrive at the final hourly rate/ annual salary to be offered to the selected candidate. Factors include, but are not limited to, the scope and responsibilities of the role, the selected candidate’s work experience, education and training, the work location as well as market and business considerations. At this time, GEICO will not sponsor a new applicant for employment authorization for this position. The GEICO Pledge: Great Company:  At GEICO, we help our customers through life’s twists and turns. Our mission is to protect people when they need it most and we’re constantly evolving to stay ahead of their needs. We’re an iconic brand that thrives on innovation, exceeding our customers’ expectations and enabling our collective success. From day one, you’ll take on exciting challenges that help you grow and collaborate with dynamic teams who want to make a positive impact on people’s lives. Great Careers:  We offer a career where you can learn, grow, and thrive through personalized development programs, created with your career – and your potential – in mind. You’ll have access to industry leading training, certification assistance, career mentorship and coaching with supportive leaders at all levels. Great Culture:  We foster an inclusive culture of shared success, rooted in integrity, a bias for action and a winning mindset. Grounded by our core values, we have an an established culture of caring, inclusion, and belonging, that values different perspectives. Our teams are led by dynamic, multi-faceted teams led by supportive leaders, driven by performance excellence and unified under a shared purpose. As part of our culture, we also offer employee engagement and recognition programs that reward the positive impact our work makes on the lives of our customers. Great Rewards:  We offer compensation and benefits built to enhance your physical well-being, mental and emotional health and financial future. Comprehensive Total Rewards program that offers personalized coverage tailor-made for you and your family’s overall well-being. Financial benefits including market-competitive compensation; a 401K savings plan vested from day one that offers a 6% match; performance and recognition-based incentives; and tuition assistance. Access to additional benefits like mental healthcare as well as fertility and adoption assistance. Supports flexibility- We provide workplace flexibility as well as our GEICO Flex program, which offers the ability to work from anywhere in the US for up to four weeks per year.