Staff Engineer - Product Security

GEICO, Washington, DC, United States
30+ days ago
Job type
  • Full-time
Job description

Base pay range

$105,000.00 / yr - $230,000.00 / yr

You can discuss level and final figure with recruiter.

GEICO Pledge

Our culture is built on Great Company, Great Culture, Great Rewards and Great Careers.

Job Summary

GEICO is seeking an experienced Staff Engineer to provide enterprise support for product security in our hybrid, multi‑cloud environments. You will proactively and holistically lead and support Product Security activities that guide the design, development, security of code, and code repositories for cloud, hybrid, and open‑source applications.

Position Responsibilities

  • Work independently with developers, system/network engineers, product owners, and other engineers to ensure secure design, development, and implementation of cloud‑based applications
  • Define and document secure architecture patterns and anti‑patterns
  • Perform security architecture design reviews of our products including web applications, services, and mobile applications
  • Define security best practices and standards and partner with Product Development teams to implement them
  • Provide remediation guidance and recommendations to developers and engineers
  • Serve as a technical advisor and consultant to colleagues and GEICO leadership on the implementation of the Cybersecurity application security policy and standards
  • Provide technical thought leadership for integration decisions, analyzing design constraints and trade‑offs in system and security design, ensuring integrity of GEICO mission objectives, while protecting GEICO assets from cyber threats and vulnerabilities
  • Work with Product Development teams to help prioritize and validate urgency of mitigation of identified product vulnerabilities and security feature enhancement requests
  • Interface with the Product and Cyber Security teams to track security feature enhancement requests
  • Help develop actionable insights, prioritizing the work based on risk and impact, and allocating resources effectively using GEICO specific large data sets

Qualifications

  • Hands‑on product development experience, with strict SLA and SLR, using a mature S‑SDLC
  • Direct experience working with development teams to define, develop and document secure solutions
  • Experience breaking down complex systems and applications to find flaws with analysis and threat modeling
  • Strong familiarity with common vulnerabilities and attack vectors
  • Knowledge of web service technologies, load balancer services (e.g., Nginx, Cloudflare, F5) and RESTful APIs
  • Knowledge of ubiquitous encryption technologies (PGP, SSH, SSL) and common authentication protocols (OpenID Connect, OAUTH, SAML, RADIUS, LDAP, KERBEROS)
  • Solid understanding of secure network, system, and service design in cloud (Azure, AWS, etc.) and conventional environments
  • Understanding and applied use of OWASP Top 10, NIST SP800 Series, NIST CSF, FIPS 140‑2, ISO 27001, PCI‑DSS, etc.
  • Knowledge of various aspects of a technology architecture like integration, network, and security
  • Advanced understanding and knowledge of application development life cycle methodologies (waterfall, spiral, agile, rapid prototyping, DevOps/SecDevOps)
  • Exposure to multiple, diverse security technologies, platforms, and processing environments
  • Strong command of strategic and emerging security/cloud technology trends, and the practical application of existing and emerging technologies to new and evolving business and operating models
  • Good understanding of product management, agile principles and development methodologies and capability of supporting agile teams by providing advice and guidance on opportunities, impact, and risks, taking account of technical and architectural debt
  • Experience collaborating closely with senior executives on strategic initiatives
  • A background integrating security testing into the SDLC
  • Experience providing security training to developers
  • Ability to find security defects within programming languages such as Go, Rust, Java, Python, Objective C, and mobile device languages
  • Demonstrated experience using DAST and SAST tools and services
  • One or more of the following Cybersecurity certifications are highly desired: Security+, CISSP, or CISM

Experience

  • 6+ years planning and designing application security, cloud security, systems security, or platform security
  • 5+ years of experience in at least two security solution design and development disciplines (technical or security infrastructure architecture, cloud security, network security management, secure application development, or secure cloud development)
  • 4+ years of experience in application and open‑source security
  • 3+ years of experience with AWS, GCP, Azure, or another cloud service
  • 2+ years of experience in open‑source frameworks

Education

  • Bachelor’s degree in Computer Science, Information Systems, Cybersecurity, or equivalent education or work experience

Benefits

  • Comprehensive Total Rewards program offering personalized coverage tailored to you and your family’s overall well‑being
  • Financial benefits including market‑competitive compensation, a 401(k) savings plan with a 6% match, performance and recognition‑based incentives, and tuition assistance
  • Access to additional benefits such as mental health care, fertility and adoption assistance
  • Flexible workplace options through GEICO Flex, offering the ability to work from anywhere in the U.S. for up to four weeks per year

Equal Employment Opportunity Policy

The equal employment opportunity policy of the GEICO Companies provides for a fair and equal employment opportunity for all associates and job applicants regardless of race, color, religious creed, national origin, ancestry, age, gender, pregnancy, sexual orientation, gender identity, marital status, familial status, disability or genetic information, in compliance with applicable federal, state and local law. GEICO hires and promotes individuals solely on the basis of their qualifications for the job to be filled.

GEICO reasonably accommodates qualified individuals with disabilities to enable them to receive equal employment opportunity and/or perform the essential functions of the job, unless the accommodation would impose an undue hardship to the Company. This applies to all applicants and associates. GEICO also provides a work environment in which each associate is able to be productive and work to the best of their ability. We do not condone or tolerate an atmosphere of intimidation or harassment. We expect and require the cooperation of all associates in maintaining an atmosphere free from discrimination and harassment with mutual respect by and for all associates and applicants.
