Job Description

At GEICO, we offer a rewarding career where your ambitions are met with endless possibilities. Every day we honor our iconic brand by offering quality coverage to millions of customers and being there when they need us most. We thrive through relentless innovation to exceed our customers’ expectations while making a real impact for our company through our shared purpose. When you join our company, we want you to feel valued, supported and proud to work here. That’s why we offer The GEICO Pledge: Great Company, Great Culture, Great Rewards and Great Careers. GEICO is a leading insurance provider in the United States, committed to providing exceptional service and innovative financial protection solutions. We are seeking an experienced and talented Staff Security Engineer to optimize our cybersecurity governance program. As a Staff Security Engineer in the Cyber Governance department, you will work closely with technical and business teams to assess and drive policy lifecycle management, including content creation, standards alignment, security controls documentation, lifecycle management with evidence, and ensuring regulatory compliance. Position Description: This role provides technical and information security expertise for developing and implementing security policies and managing compliance obligations. You will evaluate and mitigate cybersecurity risks, ensure adherence to legal and industry standards, and develop policies, standards, and guidelines. A strong understanding of cybersecurity principles, risk management, and compliance frameworks is essential. As a Staff Security Engineer, you will: Be the main contact for policies, standards, controls, and remediation for non-compliance Assess and manage information security risks, collaborating with stakeholders to mitigate risks Coordinate with IT, compliance, legal, and risk teams to meet security requirements Conduct security assessments, audits, and compliance reviews Develop metrics and reporting mechanisms for security risks and compliance Work with external audits on security certifications like ISO 27001, SOC 2 Type 2 Prepare controls owners for audits Manage the compliance landscape and evidence requirements Assist in gathering audit evidence for PCI, NY DFS, and state exams Review evidence gathered by control owners Identify opportunities to automate manual processes and controls Develop and maintain cybersecurity policies, standards, and controls Create dashboards and reports on policy adherence Regularly review and update policies and procedures Maintain the governance, risk, and compliance SharePoint site Influence remediation and risk prioritization, demonstrating holistic risk management Serve as a cyber governance SME, providing advice and contingency planning Stay updated on regulatory changes and security trends Lead audit planning, preparation, and execution, collaborating with various stakeholders Educate stakeholders on security solutions and opportunities Drive innovation based on customer needs Share best practices and improve team processes Qualifications: Experience working independently, providing recommendations, leading projects Knowledge of security frameworks like NIST CSF 2.0, ISO 27001, SOC 2, PCI DSS, NY DFS, SOX 6+ years in cybersecurity compliance testing Experience leading audits Ability to work with technical and non-technical resources Strong project prioritization skills Understanding of security protocols like Active Directory, SAML, OAuth Experience with Azure platform and services 6+ years in security compliance frameworks Strong collaboration and problem-solving skills Excellent communication and research skills Ability to build relationships across teams Conflict resolution skills Ability to work independently Bachelor's Degree or equivalent preferred Annual Salary: $85,000 - $230,000 Salary factors include role scope, experience, education, location, and market considerations. GEICO considers sponsoring qualified applicants for employment authorization. #J-18808-Ljbffr GEICO

Job Tags

Similar Jobs