Sr Staff Engineer - Endpoint Security
MD Chevy Chase (Office) - JPS
GEICO
Get insurance from a company that's been trusted since 1936. See how much you can save with GEICO on insurance for your car, motorcycle, and more.Our Sr Staff Engineer will proactively and holistically drive, lead, and support, Security detection and prevention strategies with proof and validation of our controls. You will help our business transformation as we transition from a traditional IT Security model to a tech organization with engineering excellence as its mission, while co-creating a culture of leveraging security to enable the business and protecting against the latest threats.
Our Sr Staff Engineer works with Staff and Sr. Engineers to innovate and lead new initiatives, improve Security, and enhance existing systems while also identifying new opportunities with an offensive security mindset to find critical problems and solve at a rapid pace. You will help lead the confirmation our systems are protected through automated testing and continuous improvement to raise the bar and foster a proactive security culture which also enables the business without impact. The ideal candidate has deep technical expertise in this domain and an attacker/defender adversarial background.
As a Sr Staff Engineer, you will:
• Influence and educate staff at all levels to bring a security minded approach to difficult challenges balancing usability and security.
• Collaborate with managers, team members, engineering leaders, and peer security teams to solve complex problems with minimal business impact.
• Define roadmaps for securing endpoints with purposeful and functional security without impacting or unnecessary overhead.
• Be accountable for the quality, usability, and functional validation of the solutions.
• Proactively identify opportunities to enhance security measures, streamline processes, and optimize tooling to fortify our environment against emerging threats.
• Help develop and implement policies, standards, and guidelines to ensure compliance with industry regulations and frameworks, promoting security as an integral part of our operation by partnering with external teams and their leadership.
• Deliver automation initiatives, conduct advanced research, and develop proofs of concept to enhance our security capabilities and improve overall efficiency.
• Provide motivating demonstrations and communications to show the value of our security measures to the business, highlighting the low impact on systems, improved operability and resiliency.
• Work with our business partners to help derive and validate mitigation techniques for identified threats and/or non-compliance.
Qualifications
• Extensive experience in security products and frameworks: MDM, EDR, FIM, SIEM, EPM, DLP and related endpoint controls.
• Extensive experience in offensive and defensive security roles, with a strong hacker mindset.
• Experience communicating and presentation to senior and junior staff with the ability to influence stakeholders.
• Experience in a multi-platform environment with Linux, Mac, Windows.
• Experience with multiple IaaS platforms from top tier providers.
• Experience with solving security control requirements with engineering approaches.
• Ability to excel in a fast-paced, startup-like environment.
• Ability to design, perform experiments, and influence security detection and protection solutions.
• Strong knowledge of industry-standard security tools, frameworks, and best practices including Mitre, CIS and NIST.
• Demonstratable proficiency in common scripting languages with examples of automation at scale.
• Experience working with auditors and demonstrating security controls.
Experience
• 8+ years in a dedicated security role, preferably in the tech industry
• 3+ years of experience with AWS, GCP, Azure, or other cloud providers
• 3+ years in a senior role influencing company direction on security
• 3+ year in penetration testing, writing reports and determining countermeasures.
• Experience applying security controls to exceed third party attestation requirements (PCI, SOC, …).
Education
• Bachelor’s degree in Computer Science, Cyber Security, or equivalent education with work experience
• Third party certifications on penetration testing/ethical hacking, exploit detection and evasion techniques, and related.
Annual Salary
$130,000.00 - $260,000.00The above annual salary range is a general guideline. Multiple factors are taken into consideration to arrive at the final hourly rate/ annual salary to be offered to the selected candidate. Factors include, but are not limited to, the scope and responsibilities of the role, the selected candidate’s work experience, education and training, the work location as well as market and business considerations.
Benefits:
As an Associate, you’ll enjoy our Total Rewards Program* to help secure your financial future and preserve your health and well-being, including:
- Premier Medical, Dental and Vision Insurance with no waiting period**
- Paid Vacation, Sick and Parental Leave
- 401(k) Plan
- Tuition Reimbursement
- Paid Training and Licensures
*Benefits may be different by location. Benefit eligibility requirements vary and may include length of service.
**Coverage begins on the date of hire. Must enroll in New Hire Benefits within 30 days of the date of hire for coverage to take effect.
The equal employment opportunity policy of the GEICO Companies provides for a fair and equal employment opportunity for all associates and job applicants regardless of race, color, religious creed, national origin, ancestry, age, gender, pregnancy, sexual orientation, gender identity, marital status, familial status, disability or genetic information, in compliance with applicable federal, state and local law. GEICO hires and promotes individuals solely on the basis of their qualifications for the job to be filled.
GEICO reasonably accommodates qualified individuals with disabilities to enable them to receive equal employment opportunity and/or perform the essential functions of the job, unless the accommodation would impose an undue hardship to the Company. This applies to all applicants and associates. GEICO also provides a work environment in which each associate is able to be productive and work to the best of their ability. We do not condone or tolerate an atmosphere of intimidation or harassment. We expect and require the cooperation of all associates in maintaining an atmosphere free from discrimination and harassment with mutual respect by and for all associates and applicants.
Tags: Automation AWS Azure Cloud Compliance Computer Science EDR Endpoint security Ethical hacking Exploit GCP IaaS Linux NIST Offensive security Pentesting Scripting SIEM SOC Windows
Perks/benefits: Health care Insurance Medical leave Parental leave Startup environment
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.