GEICO
Sr. Manager, Staff Software Engineering - VM (Hybrid)
GEICO, Chevy Chase, Maryland, United States, 20815
Senior Manager, Staff Software Engineering
GEICO is seeking a Senior Engineering Manager - Cybersecurity, who is a highly skilled thought leader to drive massive engineering initiatives in Cybersecurity from inception to launch. This role requires deep understanding of engineering and security best practices for leading design, architecture, and DevOps of highly scalable systems in a hybrid environment. This role will be responsible for leading a team of software, security, and system engineers to build and implement security systems for Vulnerability Management and Offensive Security to protect enterprise-wide assets through collaboration with cross-functional teams. Responsibilities
Develop and maintain a comprehensive Vulnerability Management engineering roadmap that aligns with industry best practices. Lead a team of software developers and security engineers in the execution of GEICO’s security strategies and action plans. Collaborate with technology engineering, product management, and other stakeholders to integrate security tooling into the software development lifecycle (SDLC). Oversee the validation and prioritization of security vulnerabilities within services, applications and products. Provide expertise as required in security during the design, implementation, and the continual support of our products. Participate in the enhancement of security awareness and train developers and other relevant staff in secure coding practices. Establish metrics and regular reporting mechanisms for measuring security status and the effectiveness of the application and product security tooling. Respond to security incidents and provide post-mortem analysis to illuminate the root cause and prevent recurrence as necessary. Keep abreast of the latest security regulations, advisories, alerts, and vulnerabilities pertaining to the company and its mission. Identify and raise appropriate project risks, in addition to presenting detailed and implementable solutions or alternatives. Understand how requirements and design choices may impact systems across multiple areas. Report on your team’s progress for project and other key metrics, in addition to presenting detailed and implementable ideas for areas to further improve or influence product or project delivery. Initiate and support performance evaluation of team members. Cultivate a culture that motivates all levels of performers to higher levels of achievement. Execute change management processes and best practices, adapting approach as necessary. What You Will Need
Proven success implementing large scale projects across multiple disciplines. Reputation as someone who engages with team members effectively. Ability to invest time in career counseling others and encouraging associates to grow and stretch into new roles. Deep understanding of multiple business domains and the application ecosystems they depend upon. Constructing, interpreting, and applying metrics to your work and decision making. Initiative and creativity in solving problems and driving innovation through others. Delivery of information in a clear and concise manner appropriate to the audience. Embracing ownership of both successes and failures, demonstrating leadership maturity. Ability to balance multiple assignments across multiple teams and dependency areas. Confidence with decision making. Understanding of how projects interrelate and have a strategic impact. Ability to build and maintain a network of contacts. Continued understanding of and growth in emotional intelligence. Qualifications
10+ years of professional software engineering experience, including software development lifecycle best practices. 5+ years of development in a large-scale, mission-critical environment. 5+ years of hands-on work experience supervising personnel in a technical environment. Experience in building highly scalable systems preferably in security domain in a hybrid cloud environment. Demonstrated experience with engineering excellence including secure coding practices, threat modeling, and DevSecOps. Excellent understanding and knowledge of application development life cycle methodologies such as agile software development, rapid prototyping, incremental value-add, synchronize, and stabilize. Strong leadership and team management skills. Excellent communication skills, both verbal and written. Ability to work under pressure and make decisions in challenging situations. Strong problem-solving skills, ability to think critically and ethically. Knowledge of programming languages such as Python, Java, C, JavaScript, GoLang, or Rust. Understanding of application security frameworks, standards, and best practices (e.g., OWASP, SANS, NIST). Experience with vulnerability scanning, CVE triaging, detection, risk assessment, prioritization, and remediation is a plus. Security-related certifications (such as CISSP, CISM, or CompTIA Security+) are a plus. Education
Bachelor’s degree in Computer Science, Cyber Security, or equivalent education with work experience. 5+ years of hands-on experience performing penetration-testing, red teaming, and purple teaming activities. 4+ years of experience with Azure, AWS, GCP or other cloud providers. Senior role influencing company direction on security. Experience applying security controls to exceed third party attestation requirements (PCI, NYDFS, SOX, etc.). Annual Salary
$150,000.00 - $300,000.00 The GEICO Pledge: Great Company, Great Culture, Great Rewards and Great Careers. GEICO will consider sponsoring a new qualified applicant for employment authorization for this position.
#J-18808-Ljbffr
GEICO is seeking a Senior Engineering Manager - Cybersecurity, who is a highly skilled thought leader to drive massive engineering initiatives in Cybersecurity from inception to launch. This role requires deep understanding of engineering and security best practices for leading design, architecture, and DevOps of highly scalable systems in a hybrid environment. This role will be responsible for leading a team of software, security, and system engineers to build and implement security systems for Vulnerability Management and Offensive Security to protect enterprise-wide assets through collaboration with cross-functional teams. Responsibilities
Develop and maintain a comprehensive Vulnerability Management engineering roadmap that aligns with industry best practices. Lead a team of software developers and security engineers in the execution of GEICO’s security strategies and action plans. Collaborate with technology engineering, product management, and other stakeholders to integrate security tooling into the software development lifecycle (SDLC). Oversee the validation and prioritization of security vulnerabilities within services, applications and products. Provide expertise as required in security during the design, implementation, and the continual support of our products. Participate in the enhancement of security awareness and train developers and other relevant staff in secure coding practices. Establish metrics and regular reporting mechanisms for measuring security status and the effectiveness of the application and product security tooling. Respond to security incidents and provide post-mortem analysis to illuminate the root cause and prevent recurrence as necessary. Keep abreast of the latest security regulations, advisories, alerts, and vulnerabilities pertaining to the company and its mission. Identify and raise appropriate project risks, in addition to presenting detailed and implementable solutions or alternatives. Understand how requirements and design choices may impact systems across multiple areas. Report on your team’s progress for project and other key metrics, in addition to presenting detailed and implementable ideas for areas to further improve or influence product or project delivery. Initiate and support performance evaluation of team members. Cultivate a culture that motivates all levels of performers to higher levels of achievement. Execute change management processes and best practices, adapting approach as necessary. What You Will Need
Proven success implementing large scale projects across multiple disciplines. Reputation as someone who engages with team members effectively. Ability to invest time in career counseling others and encouraging associates to grow and stretch into new roles. Deep understanding of multiple business domains and the application ecosystems they depend upon. Constructing, interpreting, and applying metrics to your work and decision making. Initiative and creativity in solving problems and driving innovation through others. Delivery of information in a clear and concise manner appropriate to the audience. Embracing ownership of both successes and failures, demonstrating leadership maturity. Ability to balance multiple assignments across multiple teams and dependency areas. Confidence with decision making. Understanding of how projects interrelate and have a strategic impact. Ability to build and maintain a network of contacts. Continued understanding of and growth in emotional intelligence. Qualifications
10+ years of professional software engineering experience, including software development lifecycle best practices. 5+ years of development in a large-scale, mission-critical environment. 5+ years of hands-on work experience supervising personnel in a technical environment. Experience in building highly scalable systems preferably in security domain in a hybrid cloud environment. Demonstrated experience with engineering excellence including secure coding practices, threat modeling, and DevSecOps. Excellent understanding and knowledge of application development life cycle methodologies such as agile software development, rapid prototyping, incremental value-add, synchronize, and stabilize. Strong leadership and team management skills. Excellent communication skills, both verbal and written. Ability to work under pressure and make decisions in challenging situations. Strong problem-solving skills, ability to think critically and ethically. Knowledge of programming languages such as Python, Java, C, JavaScript, GoLang, or Rust. Understanding of application security frameworks, standards, and best practices (e.g., OWASP, SANS, NIST). Experience with vulnerability scanning, CVE triaging, detection, risk assessment, prioritization, and remediation is a plus. Security-related certifications (such as CISSP, CISM, or CompTIA Security+) are a plus. Education
Bachelor’s degree in Computer Science, Cyber Security, or equivalent education with work experience. 5+ years of hands-on experience performing penetration-testing, red teaming, and purple teaming activities. 4+ years of experience with Azure, AWS, GCP or other cloud providers. Senior role influencing company direction on security. Experience applying security controls to exceed third party attestation requirements (PCI, NYDFS, SOX, etc.). Annual Salary
$150,000.00 - $300,000.00 The GEICO Pledge: Great Company, Great Culture, Great Rewards and Great Careers. GEICO will consider sponsoring a new qualified applicant for employment authorization for this position.
#J-18808-Ljbffr