Geico - Chevy Chase, MD

posted about 2 months ago

Full-time - Mid Level
Chevy Chase, MD
Insurance Carriers and Related Activities

About the position

The Staff Engineer - Cybersecurity Data Protection at GEICO is a pivotal role within the Cybersecurity Data Security, Protection, and Privacy team. This position focuses on managing data protection efforts, conducting risk assessments, and implementing security measures to safeguard the organization's information systems and sensitive data. The individual will also mentor other data risk assessors and contribute to the development of the overall data security and protection program.

Responsibilities

  • Lead and conduct regular data risk assessments to identify potential vulnerabilities and threats to the organization's information systems and networks.
  • Analyze and evaluate the potential impact of identified vulnerabilities and threats on the organization's operations and sensitive data.
  • Develop and implement controls and countermeasures to mitigate or eliminate identified vulnerabilities and threats, such as software patching, configuration changes, and security controls.
  • Develop and maintain data security policies, procedures, standards, and ensure that they are followed by the entire organization.
  • Monitor the effectiveness of the implemented security measures and conduct regular testing to identify new vulnerabilities or threats that may have emerged.
  • Provide regular reports to relevant stakeholders, including management and IT teams, on the organization's cybersecurity risks and the effectiveness of the implemented security measures.
  • Collaborate with internal teams, including IT and business units, to understand the organization's risk appetite and develop risk management strategies that align with business objectives.
  • Keep abreast of new developments in the field of cybersecurity and ensure that the organization's risk assessment and data security processes are aligned with industry standards and best practices.
  • Act as an expert and mentor for other data protection engineers in the organization, providing guidance and support on data protection methodologies, techniques, and best practices.
  • Manage and supervise the work of other data protection engineers, including reviewing and approving their work when needed.
  • Work closely with other stakeholders to enforce data protection related policy and respond to regulatory requirements.
  • Represent the organization in external meetings and interactions with clients, stakeholders, and other industry experts.

Requirements

  • Experience with data protection technologies, such as encryption, tokenization, and data loss prevention tools.
  • Proficiency in programming languages such as Python, Java, or .Net.
  • Experience with designing and implementing data security solutions for enterprise environments.
  • Experience in managing and supervising other Data Protection Engineers.
  • Experience in developing and managing data protection programs focused on data discovery, data inventory, data risk assessments, and encryption for both structured and unstructured data.
  • Strong knowledge of cybersecurity laws, regulations, and best practices.
  • Knowledge of data security frameworks, standards, and protocols such as ISO 27001, NIST, and CIS.
  • Strong analytical and problem-solving skills.
  • Excellent communication and presentation skills to effectively communicate with management and other stakeholders.
  • Ability to excel in a fast-paced, startup-like environment.

Nice-to-haves

  • One or more of the following cybersecurity certifications are highly desired: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC).

Benefits

  • Premier Medical, Dental and Vision Insurance with no waiting period
  • Paid Vacation, Sick and Parental Leave
  • 401(k) Plan
  • Tuition Reimbursement
  • Paid Training and Licensures
© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service