Senior Engineering Manager - Cybersecurity (Remote)
Geico Insurance - Chevy Chase, MD
posted 4 days ago
About the position
GEICO is seeking a Senior Engineering Manager - Cybersecurity, who is a highly skilled thought leader to drive massive engineering initiatives in Cybersecurity from inception to launch. This role requires deep understanding of engineering and security best practices for leading design, architecture, and DevOps of highly scalable systems in a hybrid environment. This role will be responsible for leading a team of software, security, and system engineers to build and implement security systems for Vulnerability Management and Offensive Security to protect enterprise wide assets through collaboration with cross-functional teams. The ideal candidate for this role is a deeply technical leader who maintains a strong connection with both customers and the underlying architecture and design of systems. This individual excels at coaching their team to develop scalable solutions while fostering collaboration across the organization by engaging with key leaders to leverage collective expertise. They demonstrate a keen ability to dive deep into complex problems to fully understand how systems operate, discerning when to make incremental improvements and when to challenge the status quo to drive impactful results. They are well-versed with Vulnerability Management Lifecycle - asset discovery, internal/external scans, contextualization and risk-based assessment, triaging of CVEs, detection authoring, security data pipeline, reporting, and remediation. This role reports to the Sr Director and is critical to our cybersecurity objectives. The position requires a strong engineering background, solid leadership skills, and a deep understanding of secure software development, development practices, and DevSecOps. The successful candidate will play a key role in maintaining a strong security posture for the company through close collaboration with infrastructure, development, product, and other organizations across GEICO to integrate security into the ecosystem from design through deployment to sustainable operations.
Responsibilities
- Develop and maintain a comprehensive Vulnerability Management engineering roadmap that aligns with industry best practices.
- Lead a team of software developers and security engineers in the execution of GEICO's security strategies and action plans.
- Collaborate with technology engineering, product management, and other stakeholders to integrate security tooling into the software development lifecycle (SDLC).
- Oversee the validation and prioritization of security vulnerabilities within services, applications and products.
- Provide expertise as required in security during the design, implementation, and the continual support of our products.
- Participate in the enhancement of security awareness and train developers and other relevant staff in secure coding practices.
- Establish metrics and regular reporting mechanisms for measuring security status and the effectiveness of the application and product security tooling.
- Respond to security incidents and provide post-mortem analysis to illuminate the root cause and prevent recurrence as necessary.
- Keep abreast of the latest security legislations, regulations, advisories, alerts, and vulnerabilities pertaining to the company and its mission.
- Identify and raise appropriate project risks, in addition to presenting detailed and implementable solutions or alternatives.
- Understand how requirements and design choices may impact systems across multiple areas.
- Report on your team's progress for project and other key metrics, in addition to presenting detailed and implementable ideas for areas to further improve or influence product or project delivery.
- Initiate and support performance evaluation of team members.
- Cultivate a culture that motivates all levels of performers to higher levels of achievement.
- Execute change management processes and best practices, adapting approach as necessary.
Requirements
- Proven success implementing large scale projects across multiple disciplines.
- Reputation as someone who engages with team members effectively.
- Identified as someone who genuinely cares about others and invests time and attention in career counseling others.
- Deep understanding of multiple business domains as well as the application ecosystems they depend upon.
- Constructing, interpreting, and applying metrics to your work and decision making.
- Initiative and creativity in solving problems and driving innovation through others.
- Delivery of information in a clear and concise manner appropriate to the audience.
- Embracing ownership of both successes and failures, demonstrating leadership maturity.
- Ability to balance multiple assignments distributed across multiple teams and dependency areas.
- Confidence with decision making.
- Clearly able to see how projects interrelate and have a strategic impact.
- Ability to build and maintain a network of contacts.
- Continued understanding of and growth in emotional intelligence.
Nice-to-haves
- Security-related certifications (such as CISSP, CISM, or CompTIA Security+) are a plus.
Benefits
- Premier Medical, Dental and Vision Insurance with no waiting period.
- Paid Vacation, Sick and Parental Leave.
- 401(k) Plan.
- Tuition Assistance.
- Paid Training and Licensures.
