Enable job alerts via email!

Staff Cyber Security Engineer - GRC (REMOTE)

GEICO

Chevy Chase (MD)

Remote

USD 85,000 - 230,000

Full time

4 days ago

Be an early applicant

Boost your interview chances

Create a job specific, tailored resume for higher success rate.

Job summary

Un leader reconnu dans le secteur des assurances, GEICO, recherche un Staff Security Engineer pour diriger leur programme de gouvernance en cybersécurité. Ce poste clé nécessite une expertise technique pour évaluer les risques, gérer la conformité et collaborer efficacement avec divers intervenants tout en développant des politiques et des procédures de sécurité robustes. Les candidats doivent posséder plus de 6 ans d'expérience en cybersécurité et une solide compréhension des cadres de conformité.

Qualifications

6+ ans dans la cybersécurité et la gestion de la conformité.
Connaissance des cadres de sécurité comme NIST CSF, ISO 27001.
Capacité à travailler avec des ressources techniques et non techniques.

Responsibilities

Gérer la gouvernance de la cybersécurité et les risques associés.
Conduire des audits, préparations et exécutions.
Développer et maintenir des politiques et contrôles de cybersécurité.

Skills

Collaboration

Résolution de problèmes

Communication

Gestion de projets

Education

Bachelor's Degree or equivalent

Tools

Azure

At GEICO, we offer a rewarding career where your ambitions are met with endless possibilities.

Every day we honor our iconic brand by offering quality coverage to millions of customers and being there when they need us most. We thrive through relentless innovation to exceed our customers’ expectations while making a real impact for our company through our shared purpose.

When you join our company, we want you to feel valued, supported and proud to work here. That’s why we offer The GEICO Pledge: Great Company, Great Culture, Great Rewards and Great Careers.

GEICO is a leading insurance provider in the United States, committed to providing exceptional service and innovative financial protection solutions. We are seeking an experienced and talented Staff Security Engineer to optimize our cybersecurity governance program. As a Staff Security Engineer in the Cyber Governance department, you will work closely with technical and business teams to assess and drive policy lifecycle management, including content creation, standards alignment, security controls documentation, lifecycle management with evidence, and ensuring regulatory compliance.

Position Description:
This role provides technical and information security expertise for developing and implementing security policies and managing compliance obligations. You will evaluate and mitigate cybersecurity risks, ensure adherence to legal and industry standards, and develop policies, standards, and guidelines. A strong understanding of cybersecurity principles, risk management, and compliance frameworks is essential.

As a Staff Security Engineer, you will:

Be the main contact for policies, standards, controls, and remediation for non-compliance
Assess and manage information security risks, collaborating with stakeholders to mitigate risks
Coordinate with IT, compliance, legal, and risk teams to meet security requirements
Conduct security assessments, audits, and compliance reviews
Develop metrics and reporting mechanisms for security risks and compliance
Work with external audits on security certifications like ISO 27001, SOC 2 Type 2
Prepare controls owners for audits
Manage the compliance landscape and evidence requirements
Assist in gathering audit evidence for PCI, NY DFS, and state exams
Review evidence gathered by control owners
Identify opportunities to automate manual processes and controls
Develop and maintain cybersecurity policies, standards, and controls
Create dashboards and reports on policy adherence
Regularly review and update policies and procedures
Maintain the governance, risk, and compliance SharePoint site
Influence remediation and risk prioritization, demonstrating holistic risk management
Serve as a cyber governance SME, providing advice and contingency planning
Stay updated on regulatory changes and security trends
Lead audit planning, preparation, and execution, collaborating with various stakeholders
Educate stakeholders on security solutions and opportunities
Drive innovation based on customer needs
Share best practices and improve team processes

Qualifications:

Experience working independently, providing recommendations, leading projects
Knowledge of security frameworks like NIST CSF 2.0, ISO 27001, SOC 2, PCI DSS, NY DFS, SOX
6+ years in cybersecurity compliance testing
Experience leading audits
Ability to work with technical and non-technical resources
Strong project prioritization skills
Understanding of security protocols like Active Directory, SAML, OAuth
Experience with Azure platform and services

6+ years in security compliance frameworks
Strong collaboration and problem-solving skills
Excellent communication and research skills
Ability to build relationships across teams
Conflict resolution skills
Ability to work independently
Bachelor's Degree or equivalent preferred

Annual Salary: $85,000 - $230,000

Salary factors include role scope, experience, education, location, and market considerations.

GEICO considers sponsoring qualified applicants for employment authorization.

Get your free, confidential resume review.

or drag and drop a PDF, DOC, DOCX, ODT, or PAGES file up to 5MB.