GEICO
Senior Staff Operations Engineer - Product Security (REMOTE)
GEICO, San Jose, California, United States, 95199
Senior Staff Operations Engineer - Product Security (REMOTE)
GEICO
is seeking an experienced
Sr. Staff Engineer, Operations Engineer
with a passion for managing complex programs across multiple departments and teams to build Product Security operational excellence from the ground up. This role is remote. Overview
The Sr. Staff Engineer, Operations is a key member of the Product Security leadership team, working across the organization to ensure successful delivery of effective security controls and prioritization of initiatives and issue management. You will own a portfolio of initiatives such as compliance, engineering and operational excellence, and vendor engagement. This role goes beyond technical project management and requires a background in building teams, delivering solutions, and proving success with KPIs and visible metrics. The ideal candidate will have excellent communication skills and experience engaging the right technical partners and leadership to drive toward solutions. Responsibilities
Identify, plan, and deliver program security outcomes by engaging a broad set of internal and external stakeholders. Monitor and track signals of security gaps, initiative delays, compliance risks due to system issues, and drive resolution. Create visuals on current performance and risk indicators related to product security initiatives and operations. Develop standards on reporting product security tool effectiveness, maturity, resilience, and other factors in determining risks. Drive automation of routine tasks to advance security protection and detection technologies. Provide expert guidance, demonstrations, and lead discussions on security best practices to stakeholders and leadership. Collaborate with CSIRT, GRC, Platform Security, Development/Product organizations and Technology partner teams to ensure protection coverage, event notifications, documentation, and standards. Organize, store, and manage operational best practices documentation for security solutions across applications, services, code, repositories, IaC, and deployment pipelines. Partner with project sponsors and delivery teams to deliver quality solutions on time and within budget by coordinating activities across multiple systems and teams. Maintain detailed project schedules, change control processes, and documentation; identify and raise security risks with implementable solutions. Qualifications
Demonstrated understanding of application security tooling and testing (SAST, DAST, SCA) with cross-functional awareness of security operations (SOC, Incident Response, Privacy, Legal, Vulnerability Management, Data Protection). Familiar with OWASP projects and implementation within product security (Web Top Ten, API Top Ten, Mobile Top Ten, ASVS). Knowledge of data query languages (SQL, GraphQL) and ability to construct queries against data sources. Extensive experience in engineering and solution delivery in a dynamic service provider environment. Strong knowledge of project management methodologies and best practices. Proven track record of managing large/complex projects across cross-functional teams, building processes and coordinating delivery. Working knowledge of security services and their impact on production systems (runtime protection, detectors, vulnerability scanning, etc.). Experience in a multi-cloud environment (AWS, Azure, and/or Google Cloud). Experience communicating to senior and junior staff with the ability to influence development partners and stakeholders. Detail- and deadline-oriented with strong organizational and analytical skills. Excellent verbal/written communication skills; ability to document findings, proposals, issues, and status clearly. Experience with continuous delivery; self-motivated and capable of working independently while coordinating cross-divisional activities. Effective leadership qualities and ability to influence without direct management authority. Ability to excel in a fast-paced, startup-like environment. Knowledge of industry-standard security control frameworks (NIST, PCI, SOX, NYDFS). Preferred Qualifications
Knowledge in a hybrid cloud environment including containers, VMs, CI/CD pipelines, and IaC. Experience defining KPIs/SLAs used to drive multi-million-dollar businesses and reporting to senior leadership. Experience
8+ years in an engineering-focused role, preferably in tech. 4+ years of experience with AWS, GCP, Azure, or other cloud providers. 4+ years in a senior role influencing company direction. Experience applying engineering to meet or exceed third-party attestation requirements (PCI, SOX, etc.). Education
Bachelor’s degree in Computer Science, Cyber Security, or equivalent education with work experience. Third-party certifications on engineering-related technologies. Salary
$115,000.00 - $260,000.00 per year Company information
The annual salary range is a general guideline. GEICO considers factors such as role scope, experience, education, training, location, market, and business considerations when making final offers. GEICO will not sponsor a new applicant for employment authorization for this position at this time. The GEICO Pledge
Great Company:
A mission to protect people when they need it most, with ongoing evolution to meet customer needs. We are an iconic brand that thrives on innovation and collaboration across dynamic teams. Great Careers:
Opportunities for learning, growth, development programs, mentorship, and coaching. Great Culture:
An inclusive culture rooted in integrity, action, and a winning mindset, with respect for diverse perspectives and mutual support. Great Rewards:
Compensation and benefits to support well-being, mental health, and financial future, including a Total Rewards program, 401K match, tuition assistance, and flexible work options. The GEICO equal employment opportunity policy provides for fair and equal employment opportunity for all associates and job applicants, regardless of race, color, religious creed, national origin, ancestry, age, gender, pregnancy, sexual orientation, gender identity, marital status, familial status, disability, or genetic information, in compliance with applicable law. GEICO reasonably accommodates qualified individuals with disabilities to enable equal opportunity and performance of essential functions. GEICO is committed to a workplace free from discrimination and harassment. Seniority level
Mid-Senior level Employment type
Full-time Job function
Engineering and Information Technology Industries
Insurance
#J-18808-Ljbffr
GEICO
is seeking an experienced
Sr. Staff Engineer, Operations Engineer
with a passion for managing complex programs across multiple departments and teams to build Product Security operational excellence from the ground up. This role is remote. Overview
The Sr. Staff Engineer, Operations is a key member of the Product Security leadership team, working across the organization to ensure successful delivery of effective security controls and prioritization of initiatives and issue management. You will own a portfolio of initiatives such as compliance, engineering and operational excellence, and vendor engagement. This role goes beyond technical project management and requires a background in building teams, delivering solutions, and proving success with KPIs and visible metrics. The ideal candidate will have excellent communication skills and experience engaging the right technical partners and leadership to drive toward solutions. Responsibilities
Identify, plan, and deliver program security outcomes by engaging a broad set of internal and external stakeholders. Monitor and track signals of security gaps, initiative delays, compliance risks due to system issues, and drive resolution. Create visuals on current performance and risk indicators related to product security initiatives and operations. Develop standards on reporting product security tool effectiveness, maturity, resilience, and other factors in determining risks. Drive automation of routine tasks to advance security protection and detection technologies. Provide expert guidance, demonstrations, and lead discussions on security best practices to stakeholders and leadership. Collaborate with CSIRT, GRC, Platform Security, Development/Product organizations and Technology partner teams to ensure protection coverage, event notifications, documentation, and standards. Organize, store, and manage operational best practices documentation for security solutions across applications, services, code, repositories, IaC, and deployment pipelines. Partner with project sponsors and delivery teams to deliver quality solutions on time and within budget by coordinating activities across multiple systems and teams. Maintain detailed project schedules, change control processes, and documentation; identify and raise security risks with implementable solutions. Qualifications
Demonstrated understanding of application security tooling and testing (SAST, DAST, SCA) with cross-functional awareness of security operations (SOC, Incident Response, Privacy, Legal, Vulnerability Management, Data Protection). Familiar with OWASP projects and implementation within product security (Web Top Ten, API Top Ten, Mobile Top Ten, ASVS). Knowledge of data query languages (SQL, GraphQL) and ability to construct queries against data sources. Extensive experience in engineering and solution delivery in a dynamic service provider environment. Strong knowledge of project management methodologies and best practices. Proven track record of managing large/complex projects across cross-functional teams, building processes and coordinating delivery. Working knowledge of security services and their impact on production systems (runtime protection, detectors, vulnerability scanning, etc.). Experience in a multi-cloud environment (AWS, Azure, and/or Google Cloud). Experience communicating to senior and junior staff with the ability to influence development partners and stakeholders. Detail- and deadline-oriented with strong organizational and analytical skills. Excellent verbal/written communication skills; ability to document findings, proposals, issues, and status clearly. Experience with continuous delivery; self-motivated and capable of working independently while coordinating cross-divisional activities. Effective leadership qualities and ability to influence without direct management authority. Ability to excel in a fast-paced, startup-like environment. Knowledge of industry-standard security control frameworks (NIST, PCI, SOX, NYDFS). Preferred Qualifications
Knowledge in a hybrid cloud environment including containers, VMs, CI/CD pipelines, and IaC. Experience defining KPIs/SLAs used to drive multi-million-dollar businesses and reporting to senior leadership. Experience
8+ years in an engineering-focused role, preferably in tech. 4+ years of experience with AWS, GCP, Azure, or other cloud providers. 4+ years in a senior role influencing company direction. Experience applying engineering to meet or exceed third-party attestation requirements (PCI, SOX, etc.). Education
Bachelor’s degree in Computer Science, Cyber Security, or equivalent education with work experience. Third-party certifications on engineering-related technologies. Salary
$115,000.00 - $260,000.00 per year Company information
The annual salary range is a general guideline. GEICO considers factors such as role scope, experience, education, training, location, market, and business considerations when making final offers. GEICO will not sponsor a new applicant for employment authorization for this position at this time. The GEICO Pledge
Great Company:
A mission to protect people when they need it most, with ongoing evolution to meet customer needs. We are an iconic brand that thrives on innovation and collaboration across dynamic teams. Great Careers:
Opportunities for learning, growth, development programs, mentorship, and coaching. Great Culture:
An inclusive culture rooted in integrity, action, and a winning mindset, with respect for diverse perspectives and mutual support. Great Rewards:
Compensation and benefits to support well-being, mental health, and financial future, including a Total Rewards program, 401K match, tuition assistance, and flexible work options. The GEICO equal employment opportunity policy provides for fair and equal employment opportunity for all associates and job applicants, regardless of race, color, religious creed, national origin, ancestry, age, gender, pregnancy, sexual orientation, gender identity, marital status, familial status, disability, or genetic information, in compliance with applicable law. GEICO reasonably accommodates qualified individuals with disabilities to enable equal opportunity and performance of essential functions. GEICO is committed to a workplace free from discrimination and harassment. Seniority level
Mid-Senior level Employment type
Full-time Job function
Engineering and Information Technology Industries
Insurance
#J-18808-Ljbffr