Cloud Security Engineer

$90,000 - $230,000/Yr

Geico - Chevy Chase, MD

posted 3 months ago

Full-time - Mid Level
Chevy Chase, MD
5,001-10,000 employees
Insurance Carriers and Related Activities

About the position

The Staff Engineer - Cloud Security Engineer position at GEICO is a pivotal role that reports to the Senior Manager of Cyber Engineering. This position is integral to the organization's mission of integrating security into the ecosystem from design through deployment to sustainable operations. As a subject matter expert, the Staff Engineer will define cloud security requirements, establish secure infrastructure architectures, conduct infrastructure and service security assessments, and provide security patterns that align with GEICO's objectives. In this role, you will be responsible for developing, integrating, and maintaining multilevel cybersecurity designs, architectures, policies, standards, and procedures. You will provide technical solutions and integration decisions while analyzing design constraints and trade-offs in system and security design. Your work will ensure the integrity of GEICO's mission objectives, adhering to the Secure by Design principles. Additionally, you will serve as a technical advisor and consultant to the GEICO Cybersecurity organization, guiding the implementation of cybersecurity policies and standards. You will also lead security projects driven by both internal and external groups, acting as a subject matter expert across various areas of network and information security, data security, and identity security. Your expertise will be crucial in developing security policies using Policy as Code and enforcing these policies in the Software Development Life Cycle (SDLC) process to enable a shift-left DevSecOps practice.

Responsibilities

  • Develop, integrate, and maintain multilevel cybersecurity designs, architectures, policies, standards, and procedures.
  • Provide technical solutions and integration decisions, analyzing design constraints and trade-offs in system and security design.
  • Ensure integrity of GEICO mission objectives while following Secure by Design principles.
  • Serve as a technical advisor and consultant to GEICO Cybersecurity organization on the implementation of Cybersecurity policies and standards.
  • Provide secure design guidance and recommendations to developers, infrastructure, cybersecurity, and other engineers.
  • Lead security projects driven by groups both internal and external to cybersecurity.
  • Act as subject matter expert across several areas of network & information security, data security, and identity security.
  • Develop Security Policy using Policy as Code and enforce policy in SDLC process to enable shift-left DevSecOps practice.

Requirements

  • Experience as Application, Platform or Security Architecture.
  • Experience in performing Data Risk Assessment, Third Party Assessment, App Sec Review, Cyber Secure Engineering Review, and Threat modeling.
  • Programming experience with at least one modern language such as GO, Java, or C# including object-oriented design.
  • Experience with at least one scripting language: Python, Terraform, or Ansible.
  • Advanced understanding of DevOps Concepts and Cloud Architecture.
  • Knowledge of Kubernetes and advanced understanding of security protocols and products.
  • Proficient level experience in designing, developing, and managing infrastructure automation solutions in one of the Cloud providers: Azure, AWS, or GCP.
  • Strong problem-solving abilities with a proactive approach to security risk mitigation.
  • Experience in at least two of the following disciplines: Security solution design, Security infrastructure architecture, Network security management, Cloud security Development, CNAPP- CSPM & CWP Security Policy implementation.
  • Excellent understanding and knowledge of secure software development life cycle methodologies such as secure design, threat modeling, agile software development, rapid prototyping, and DevSecOps practice.
  • Commands a well-developed understanding of strategic, emerging security/cloud technology trends.
  • Experience with one of core Security Frameworks - NIST, PCI, ISO.

Nice-to-haves

  • CISSP
  • CCSP
  • any Cloud security Certification.

Benefits

  • Premier Medical, Dental and Vision Insurance with no waiting period.
  • Paid Vacation, Sick and Parental Leave.
  • 401(k) Plan.
  • Tuition Reimbursement.
  • Paid Training and Licensures.

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service