Cloud Security Engineer
GEICO
The Staff Engineer – Cloud security Engineer position reports to the Senior Manager of Cyber Engineering and works closely with infrastructure, development, product, and other organizations across GEICO to integrate security into the ecosystem from design through deployment to sustainable operations. The Staff Engineer is a subject matter expert in defining cloud security requirements, defining secure infrastructure architectures, performing infrastructure and service security assessments, and providing security patterns.
Position Responsibilities
As a Cloud Security Engineer, you will:
Develop, integrate, and maintain multilevel cybersecurity designs, architectures, policies, standards and procedures
Provide technical solutions, integration decisions, analyzing design constraints and trade-offs in system and security design, and ensuring integrity of GEICO mission objectives, while following Secure by Design principles.
Serve as a technical advisor and consultant to GEICO Cybersecurity organization on the implementation of Cybersecurity policies and standards.
Provide secure design guidance and recommendations to developers, infrastructure, cybersecurity, and other engineers.
Lead security projects driven by groups both internal and external to cybersecurity.
Act as subject matter expert across several areas of network & information security, data Security, Identity Security.
Developed Security Policy using Policy as a code and enforcement policy in SDLC process to enable shift-left DevSecOps practice.
Qualifications:
Experience as Application, Platform or Security Architecture
Experience in performing Data Risk Assessment, Third Party Assessment, App Sec Review, Cyber Secure Engineering Review and Threat modeling.
Programming experience with at least one modern language such as GO, Java, or C# including object-oriented design.
Experience with at least one of scripting language Python, Terraform or Ansible
Advanced understanding of DevOps Concepts and Cloud Architecture
Knowledge of Kubernetes, Advanced understanding of security protocols and products
Proficient level experience in designing, developing, and managing infrastructure automation solutions in one of the Cloud providers Azure, AWS or GCP
Strong problem-solving abilities with a proactive approach to security risk mitigation
Experience in at least two of the following disciplines: Security solution design, Security infrastructure architecture, Network security management, Cloud security Development
CNAPP- CSPM & CWP Security Policy implementation
Excellent understanding and knowledge of secure software development life cycle methodologies such as secure design, threat modeling, agile software development, rapid prototyping, and DevSecOps practice
Commands a well-developed understanding of strategic, emerging security/cloud technology trends
Experience with one of core Security Framework – NIST, PCI, ISO
Certification Preferred:
CISSP
CCSP
any Cloud security Certification
Education:
Bachelor's degree in computer science, Information Systems, or equivalent education or work experience
Annual Salary
$90,000.00 - $230,000.00The above annual salary range is a general guideline. Multiple factors are taken into consideration to arrive at the final hourly rate/ annual salary to be offered to the selected candidate. Factors include, but are not limited to, the scope and responsibilities of the role, the selected candidate’s work experience, education and training, the work location as well as market and business considerations.
Benefits:
As an Associate, you’ll enjoy our Total Rewards Program* to help secure your financial future and preserve your health and well-being, including:
- Premier Medical, Dental and Vision Insurance with no waiting period**
- Paid Vacation, Sick and Parental Leave
- 401(k) Plan
- Tuition Reimbursement
- Paid Training and Licensures
*Benefits may be different by location. Benefit eligibility requirements vary and may include length of service.
**Coverage begins on the date of hire. Must enroll in New Hire Benefits within 30 days of the date of hire for coverage to take effect.
The equal employment opportunity policy of the GEICO Companies provides for a fair and equal employment opportunity for all associates and job applicants regardless of race, color, religious creed, national origin, ancestry, age, gender, pregnancy, sexual orientation, gender identity, marital status, familial status, disability or genetic information, in compliance with applicable federal, state and local law. GEICO hires and promotes individuals solely on the basis of their qualifications for the job to be filled.
GEICO reasonably accommodates qualified individuals with disabilities to enable them to receive equal employment opportunity and/or perform the essential functions of the job, unless the accommodation would impose an undue hardship to the Company. This applies to all applicants and associates. GEICO also provides a work environment in which each associate is able to be productive and work to the best of their ability. We do not condone or tolerate an atmosphere of intimidation or harassment. We expect and require the cooperation of all associates in maintaining an atmosphere free from discrimination and harassment with mutual respect by and for all associates and applicants.