Cyber GRC Automation Security Engineer (REMOTE)
GEICO is seeking a Security Engineer to enhance our cybersecurity governance program. You will lead automation efforts in cyber governance, designing and implementing continuous monitoring and reporting of information security controls across the enterprise for all GEICO applications and services.
You will collaborate with developers, engineers, and compliance & security teams to establish vital controls, automate evidence collection, conduct gap assessments, and flag non-compliance in real time.
As a Security Engineer, You Will:
- Lead automation initiatives by understanding security policies, standards, technologies, and GEICO's multi-cloud and on-premises environment.
- Create a roadmap and prioritized plan for automating security controls for continuous monitoring.
- Define control language, evidence requirements, and asset scope for automation.
- Develop a unified security controls framework aligned with standards like NIST CSF 2.0, PCI, NY DFS, SOX, etc., to streamline evidence collection.
- Partner with control owners, governance, compliance, and other stakeholders to automate security controls.
- Identify and implement complementary products and solutions to scale automation.
- Collaborate with cloud teams (Azure, GCP, AWS) to ensure successful delivery.
- Design and code modules for infrastructure, applications, and processes as needed.
- Address security and business problems through automation, coding, and API integrations.
- Communicate requirements, results, and recommendations effectively.
- Educate stakeholders on solutions and opportunities.
- Use programming languages like Python, C#, SQL, NoSQL, and tools like Docker and Kubernetes.
- Share best practices and improve processes within teams.
- Follow GEICO's developer standards and guidelines.
Qualifications:
- Experience with modern programming languages (Java, C++, C#) and object-oriented design.
- Experience in system architecture, design patterns, reliability, and scalability.
- Knowledge of data structures, algorithms, and operational portals like Azure Portal.
- Understanding of HTML5, JavaScript/TypeScript, XML, JSON.
- Experience with microservices, REST APIs, Azure security features, and security protocols (Active Directory, SAML, OAuth).
- 5+ years of security compliance experience, familiar with standards like SOX, PCI-DSS, ISO27K, SOC, NIST.
- Strong collaboration, communication, and problem-solving skills.
- Bachelor's degree or equivalent experience preferred.
Salary:
$75,000 - $185,000 annually, depending on experience and other factors.
Additional Information:
GEICO offers sponsorship for qualified applicants, a comprehensive benefits package, and a culture of inclusion and growth.