Sr. Manager, Staff Software Engineering - VM (Hybrid)

About The Position

Requirements

• 10+ years of professional software engineering experience, including software development lifecycle best practices.
• 5+ years of development in a large-scale, mission-critical environment.
• 5+ years of hands-on work experience supervising personnel in a technical environment.
• Experience in building highly scalable systems preferably in security domain in a hybrid cloud environment.
• Demonstrated experience with engineering excellence including secure coding practices, threat modeling, and DevSecOps.
• Excellent understanding and knowledge of application development life cycle methodologies such as agile software development, rapid prototyping, incremental value-add, synchronize, and stabilize.
• Strong leadership and team management skills.
• Excellent communication skills, both verbal and written.
• Ability to work under pressure and make decisions in challenging situations.
• Strong problem-solving skills, ability to think critically and ethically.
• Knowledge of at least a programming and scripting language such as Python, Java, C languages, JavaScript, GoLang, Rust.
• Understanding of application security frameworks, standards, and best practices (e.g., OWASP, SANS, NIST).
• Experience with vulnerability scanning, CVE triaging, detection, risk assessment, prioritization, and remediation is a plus.
• Security-related certifications (such as CISSP, CISM, or CompTIA Security+) are a plus.

Nice To Haves

• 5+ years of hands-on experience performing penetration-testing, red teaming, and purple teaming activities.
• 4+ years of experience with Azure, AWS, GCP or other cloud providers.
• Senior role influencing company direction on security.
• Experience applying security controls to exceed third party attestation requirements (PCI, NYDFS, SOX).

Responsibilities

• Develop and maintain a comprehensive Vulnerability Management engineering roadmap that aligns with industry best practices.
• Lead a team of software developers and security engineers in the execution of GEICO's security strategies and action plans.
• Collaborate with technology engineering, product management, and other stakeholders to integrate security tooling into the software development lifecycle (SDLC).
• Oversee the validation and prioritization of security vulnerabilities within services, applications and products.
• Provide expertise as required in security during the design, implementation, and the continual support of our products.
• Participate in the enhancement of security awareness and train developers and other relevant staff in secure coding practices.
• Establish metrics and regular reporting mechanisms for measuring security status and the effectiveness of the application and product security tooling.
• Respond to security incidents and provide post-mortem analysis to illuminate the root cause and prevent recurrence as necessary.
• Keep abreast of the latest security regulations, advisories, alerts, and vulnerabilities pertaining to the company and its mission.
• Identify and raise appropriate project risks, in addition to presenting detailed and implementable solutions or alternatives.
• Understand how requirements and design choices may impact systems across multiple areas.
• Report on your team's progress for project and other key metrics, in addition to presenting detailed and implementable ideas for areas to further improve or influence product or project delivery.
• Initiate and support performance evaluation of team members.
• Cultivate a culture that motivates all levels of performers to higher levels of achievement.
• Execute change management processes and best practices, adapting approach as necessary.

Benefits

• Comprehensive Total Rewards program that offers personalized coverage tailor-made for you and your family's overall well-being.
• Financial benefits including market-competitive compensation; a 401K savings plan vested from day one that offers a 6% match; performance and recognition-based incentives; and tuition assistance.
• Access to additional benefits like mental healthcare as well as fertility and adoption assistance.
• Supports flexibility- We provide workplace flexibility as well as our GEICO Flex program, which offers the ability to work from anywhere in the US for up to four weeks per year.