Cyber GRC Security Engineer (REMOTE)

GEICO

Atlanta (GA)

Remote

USD 75,000 - 185,000

Full time

Today

Job summary

Join a leading insurance provider as a Cyber GRC Security Engineer, where you'll enhance cybersecurity governance. This remote role involves managing policies, ensuring compliance, and collaborating with various teams. Ideal candidates will have extensive experience in cybersecurity and strong communication skills. GEICO offers a supportive culture with comprehensive benefits and opportunities for growth.

Benefits

401K with 6% match
Mental health support
Tuition assistance
Flexible remote work options

Qualifications

  • 5+ years in cybersecurity compliance testing with industry tools.
  • Experience leading audits and working with technical and non-technical teams.
  • Knowledge of security frameworks like NIST CSF 2.0, ISO 27001.

Responsibilities

  • Manage cybersecurity policy lifecycle, standards, and controls.
  • Conduct security assessments, audits, and compliance reviews.
  • Collaborate with IT, compliance, legal, and risk teams.

Skills

Collaboration
Communication
Problem Solving

Education

Bachelor's Degree

Tools

Active Directory
SAML
OAuth
Azure

Job description

GEICO is a leading insurance provider in the United States, committed to exceptional service and innovative financial protection solutions. We seek experienced Security Engineers to enhance our cybersecurity governance program. As a Security Engineer in the Cyber Governance department, you will work with technical and business teams to manage policy lifecycle, standards, controls, and ensure regulatory compliance.

Position Description

This role provides technical and security expertise to develop and implement the information security risk management program. You will evaluate and mitigate cybersecurity risks, ensure compliance with legal and industry standards, and develop policies and standards. A strong understanding of cybersecurity domains, risk management, and compliance frameworks is essential.

Responsibilities

  • Serve as the main contact for policies, standards, controls, and remediation for non-compliance.
  • Assess and manage information security risks, collaborating with stakeholders to mitigate risks.
  • Coordinate with IT, compliance, legal, and risk teams to meet security requirements.
  • Conduct security assessments, audits, and compliance reviews; recommend remediation.
  • Develop metrics and reports on security risks and compliance status.
  • Work with external audits for certifications like ISO 27001, SOC 2 Type 2.
  • Prepare control owners for audits and gather audit evidence.
  • Identify opportunities to automate manual controls and processes.
  • Manage cybersecurity policy lifecycle, standards, and controls; oversee annual reviews.
  • Create dashboards and reports on policy adherence.
  • Regularly review and update policies and procedures.
  • Maintain governance, risk, and compliance SharePoint site.
  • Influence remediation priorities and manage risks per regulations and best practices.
  • Provide expert advice on cyber governance and contingency planning.
  • Stay informed on regulatory changes and security trends.
  • Lead audit planning, execution, and collaboration with stakeholders.
  • Educate stakeholders on cybersecurity solutions and opportunities.
  • Collaborate on feature development based on customer needs.
  • Share best practices and improve team processes.

Qualifications

  • Experience working independently, leading projects from start to finish.
  • Knowledge of security frameworks like NIST CSF 2.0, ISO 27001, SOC 2, PCI DSS, NY DFS, Sarbanes-Oxley.
  • 5+ years in cybersecurity compliance testing with industry tools.
  • Experience leading audits and working with technical and non-technical teams.
  • Understanding of security protocols and products (Active Directory, SAML, OAuth).
  • Experience with data center structures and Azure cloud services.
  • Excellent collaboration, communication, and problem-solving skills.
  • Bachelor's Degree or equivalent preferred.

Salary

$75,000 - $185,000 annually, based on factors like experience, education, location, and market conditions. GEICO considers sponsoring work authorization for qualified applicants.

The GEICO Pledge

We’re committed to innovation, growth, and a positive, inclusive culture that values diverse perspectives. Our benefits include comprehensive rewards, 401K with 6% match, mental health support, tuition assistance, flexible remote work options, and more.

We are an equal opportunity employer, committed to a fair and inclusive workplace, accommodating individuals with disabilities, and maintaining a harassment-free environment.
