At GEICO, we offer a rewarding career where your ambitions are met with endless possibilities.
Every day we honor our iconic brand by offering quality coverage to millions of customers and being there when they need us most. We thrive through relentless innovation to exceed our customers’ expectations while making a real impact for our company through our shared purpose.
When you join our company, we want you to feel valued, supported and proud to work here. That’s why we offer The GEICO Pledge: Great Company, Great Culture, Great Rewards and Great Careers.
GEICO is seeking a highly experienced Senior Staff Security Engineer to lead the strategy, architecture, and technical execution of Vulnerability Management across a complex, hybrid technology ecosystem. This role blends deep security engineering expertise with strong architectural leadership and the ability to influence engineering practices at scale. You will drive the organization’s vulnerability lifecycle maturity, champion security‑by‑design, and elevate the skills and effectiveness of engineers across multiple teams.
This is a high‑impact technical role who maintains a strong connection with both customers and underlying systems for shaping the company’s vulnerability management maturity, influencing engineering culture, and safeguarding critical systems. The Senior Staff Security Engineer will drive meaningful, measurable improvements to security posture while enabling teams to build and ship technology with confidence. They demonstrate a keen ability to dive deep into complex problems to fully understand how systems operate, discerning when to make incremental improvements and when to challenge the status quo to drive impactful results. They are well-versed with Vulnerability Management Lifecycle - asset discovery, internal/external scans, contextualization and risk-based assessment, triaging of CVEs, detection authoring, security data pipeline, reporting, and remediation.
This role is an advisor to the Sr Director and is critical to our cybersecurity objectives. The position requires a strong security and engineering background. The successful candidate will play a key role in maintaining a strong security posture for the company through close collaboration with infrastructure, development, product, and other organizations across GEICO to integrate security into the ecosystem from design through deployment to sustainable operations.
At GEICO’s Cybersecurity organization, we are committed to strengthening the company’s digital resilience and advancing the security of our technology ecosystem. Our mission is to proactively protect our customers, associates, and business by modernizing our security capabilities, elevating our defensive posture, and enabling secure innovation at scale. As GEICO transforms its technology landscape, Cybersecurity plays a pivotal role in delivering secure, reliable, and future‑ready solutions that support every line of business and every customer channel—empowering the enterprise with protection that is adaptable, intelligent, and built for the evolving threat landscape.
Key Responsibilities
Vulnerability Management Execution
Lead the full vulnerability lifecycle: discovery, validation, risk analysis, prioritization, and remediation measurement.
Leverage business contextualization, underlying systems, and threat intelligence to perform risk assessment for identifying true risk to drive remediation.
Build integrations among scanning tools, asset inventory, CMDBs, ticketing, CI/CD, and monitoring pipelines to streamline workflows.
Evaluate, test, and implement emerging tools and technologies that advance VM automation and intelligence.
Design automation to reduce manual work, increase accuracy, and accelerate remediation.
Generate data‑driven insights that help teams understand, prioritize, and resolve vulnerabilities efficiently.
Cross‑Functional Partnership
Collaborate with cloud, infrastructure, DevOps, and product engineering groups to integrate vulnerability management into pipelines and delivery workflows.
Work closely with risk, compliance, governance, and incident response teams to ensure alignment with organizational and regulatory standards.
Communicate vulnerability trends, risk implications, and remediation strategies to technical and non‑technical stakeholders.
Operational Excellence & Measurement
Define KPIs, SLAs, dashboards, and reporting models to drive accountability and measurable vulnerability reduction.
Establish repeatable processes, playbooks, and workflows that ensure consistent VM operations across teams and environments.
Ensure the reliability, performance, and scalability of VM tools and data pipelines.
Leadership, Mentoring & Team Development
Mentor junior and mid‑level engineers, offering guidance on advanced security concepts, engineering best practices, and career development.
Serve as a multiplier by elevating skillsets across teams through coaching, pairing, design reviews, and knowledge‑sharing.
Influence architecture and engineering leadership with clear communication, strong decision‑making, and the ability to simplify complex security issues.
Required Qualifications
8+ years of experience in cybersecurity or security engineering roles.
Deep expertise with vulnerability management tools, methodologies, and industry standards.
Hands‑on experience with modern infrastructure, cloud services (AWS/Azure/GCP), container platforms, and operating systems.
Proficiency with a modern programming language (Python, Go, Java, etc.) and scripting for automation at scale.
Strong understanding of security architecture, networking, operating systems, identity, and cloud services.
Proven ability to lead, mentor, and inspire engineers across multiple teams.
Strong communication skills with the ability to influence senior stakeholders and translate complex risks into actionable guidance.
Hands-on experience implementing cybersecurity frameworks e.g. NIST CSF
Hands-on experience with leading compliance initiatives to meet e.g. PCI, SOX, NYDFS, etc.
Preferred Qualifications
Exposure to comprehensive security assessment, penetration testing, threat modeling, or security research.
Familiarity with SIEM, SOAR, and asset intelligence integrations.
Security certifications (CISSP, GCSA, OSCP, cloud security certs) are a plus.
Experience embedding security controls into CI/CD pipelines and DevSecOps workflows.
Education:
Bachelor’s degree in computer science, Cyber Security, or equivalent education with relevant work experience
Annual Salary
$130,000.00 - $260,000.00The above annual salary range is a general guideline. Multiple factors are taken into consideration to arrive at the final hourly rate/ annual salary to be offered to the selected candidate. Factors include, but are not limited to, the scope and responsibilities of the role, the selected candidate’s work experience, education and training, the work location as well as market and business considerations.
The GEICO Pledge:
Great Company: At GEICO, we help our customers through life’s twists and turns. Our mission is to protect people when they need it most and we’re constantly evolving to stay ahead of their needs.
We’re an iconic brand that thrives on innovation, exceeding our customers’ expectations and enabling our collective success. From day one, you’ll take on exciting challenges that help you grow and collaborate with dynamic teams who want to make a positive impact on people’s lives.
Great Careers: We offer a career where you can learn, grow, and thrive through personalized development programs, created with your career – and your potential – in mind. You’ll have access to industry leading training, certification assistance, career mentorship and coaching with supportive leaders at all levels.
Great Culture: We foster an inclusive culture of shared success, rooted in integrity, a bias for action and a winning mindset. Grounded by our core values, we have an an established culture of caring, inclusion, and belonging, that values different perspectives. Our teams are led by dynamic, multi-faceted teams led by supportive leaders, driven by performance excellence and unified under a shared purpose.
As part of our culture, we also offer employee engagement and recognition programs that reward the positive impact our work makes on the lives of our customers.
Great Rewards: We offer compensation and benefits built to enhance your physical well-being, mental and emotional health and financial future.
The equal employment opportunity policy of the GEICO Companies provides for a fair and equal employment opportunity for all associates and job applicants regardless of race, color, religious creed, national origin, ancestry, age, gender, pregnancy, sexual orientation, gender identity, marital status, familial status, disability or genetic information, in compliance with applicable federal, state and local law. GEICO hires and promotes individuals solely on the basis of their qualifications for the job to be filled.
GEICO reasonably accommodates qualified individuals with disabilities to enable them to receive equal employment opportunity and/or perform the essential functions of the job, unless the accommodation would impose an undue hardship to the Company. This applies to all applicants and associates. GEICO also provides a work environment in which each associate is able to be productive and work to the best of their ability. We do not condone or tolerate an atmosphere of intimidation or harassment. We expect and require the cooperation of all associates in maintaining an atmosphere free from discrimination and harassment with mutual respect by and for all associates and applicants.