About the position
At GEICO, we offer a rewarding career where your ambitions are met with endless possibilities. Every day we honor our iconic brand by offering quality coverage to millions of customers and being there when they need us most. We thrive through relentless innovation to exceed our customers’ expectations while making a real impact for our company through our shared purpose. When you join our company, we want you to feel valued, supported and proud to work here. That’s why we offer The GEICO Pledge: Great Company, Great Culture, Great Rewards and Great Careers. GEICO is seeking an experienced Senior Engineer to provide enterprise support for application security in our hybrid, multi-cloud environments. The Product Security Tools Senior Engineer proactively leads and supports Product Security activities that guide the design, development and security of code and code repositories for cloud-hosted and open-source applications. Current tools include CI/CD integrations, SAST, DAST, SCA, container scanning, and automated threat modeling.
Responsibilities
- Own managing our vendor/open source tooling, integrating functionality across multiple technology platforms such as GitHub Enterprise and Azure DevOps.
- Build out applications and automations to reach our team goals, better integrate across the Tech platforms, and focus on prioritizing the most critical vulnerabilities/findings engineering teams should fix.
- Develop and implement security policies and procedures.
- Collaborate with development teams to ensure secure coding practices are followed.
- Stay up to date with the latest security threats and trends.
- Provide guidance and mentorship to junior engineers.
Requirements
- Proficiency in programming languages such as Java, Python, .NET, JavaScript, or C++.
- Experience with security tools such as vulnerability scanners or static code scanning tools.
- Knowledge of web application security and how to support engineers with managing their security vulnerabilities as a result of the Product Security scanning tools.
- Strong analytical and problem-solving skills.
- Excellent communication and collaboration skills.
- Knowledge of various managed and database technologies like Cosmos, SQL, MySQL, MongoDB.
- Understanding and knowledge of application development life cycle methodologies such as waterfall, rapid prototyping, incremental, and DevOps.
- Familiar with navigating implementing and supporting vendor tools deployed in an enterprise environment.
- Understanding and applied use of OWASP Top 10, NIST CSF, PCI-DSS, etc.
Benefits
- Comprehensive Total Rewards program that offers personalized coverage tailor-made for you and your family’s overall well-being.
- Financial benefits including market-competitive compensation; a 401K savings plan vested from day one that offers a 6% match; performance and recognition-based incentives; and tuition assistance.
- Access to additional benefits like mental healthcare as well as fertility and adoption assistance.
- Supports flexibility- We provide workplace flexibility as well as our GEICO Flex program, which offers the ability to work from anywhere in the US for up to four weeks per year.
