Staff Security Engineer - Vulnerability Management

Why Join GEICO? At GEICO, we offer a rewarding career where your ambitions are met with endless possibilities. Every day we honor our iconic brand by offering quality coverage to millions of customers and being there when they need us most. We thrive on relentless innovation to exceed our customers' expectations while making a real impact on local communities nationwide. Founded in 1936, GEICO is a member of the Berkshire Hathaway family of companies and one of the largest auto insurers in the United States. When you join our company, we want you to feel valued, supported, and proud to work here. That's why we offer the GEICO Pledge: Great Company, Great Culture, Great Rewards, and Great Careers. GEICO is seeking a highly experienced Staff Security Engineer to lead the strategy, architecture, and execution of Vulnerability Management across a complex, hybrid technology ecosystem. This role combines deep hands-on engineering expertise with strong ownership, operational rigor, and the ability to influence outcomes across teams. This role reports directly to the hiring manager and is accountable for delivering measurable improvements in security posture, operational excellence, and engineering maturity. The position operates as a hands-on advisor to the leadership while remaining deeply embedded in day-to-day execution. This is not a purely strategic role—the individual is expected to actively contribute to team deliverables, participate in on-call rotations, and take ownership of operational outcomes alongside peers. Success in this role requires independent leadership, strong judgment, and the ability to consistently drive high-quality outcomes while influencing teams across infrastructure, product, and engineering. Key Responsibilities Ownership & Accountability Own outcomes end-to-end with a strong sense of accountability; does not defer responsibility for gaps or failures. Drive work to closure with clear ownership of results, timelines, and quality. Proactively identify and address risks, gaps, and inefficiencies without waiting for direction. Maintain high standards of execution and hold self and others accountable to those standards. Operational Excellence, Monitoring & Engineering Excellence Establish and enforce strong operational discipline across services, including monitoring, alerting, and reliability. Ensure systems are observable, measurable, and consistently meet defined SLAs/SLOs. Drive improvements in availability, performance, and scalability through data-driven decisions. Reduce operational toil by simplifying systems, improving automation, and standardizing processes. Build and maintain durable pipelines and integrations across asset inventory, scanning, ticketing, and engineering workflows. Leverage advanced SQL and data mining techniques to analyze vulnerability, asset, and operational data; generate insights that drive prioritization, risk reduction, and system improvements. Security Mindset with Offensive Perspective Apply a security-first engineering mindset from design through production and ongoing operations. Drive vulnerability research by analyzing systems, dependencies, and emerging threats to uncover exploitable weaknesses. Operate with an offensive security mindset, proactively identifying and validating real attack paths and risks. Lead and evolve attack surface and exposure management, maintaining continuous visibility into internal and external exposure across assets, services, and environments. Identify, prioritize, and reduce exposure through improvements in architecture, configuration, and implementation. Challenge assumptions and existing designs where risks are not adequately addressed, acting as a constructive disruptor. Integrate pragmatic, high-impact security improvements into engineering workflows without blocking delivery. Curiosity & Continuous Learning Demonstrate a strong “learn and be curious” mindset to deeply understand systems, dependencies, and behaviors. Actively uncover service potential, hidden risks, scaling limits, and architectural gaps. Stay current with evolving technologies, threats, and engineering practices, applying insights to improve systems. Relentless Execution Maintain urgency and consistently push for better outcomes, even under constraints. Follow through commitments with discipline and focus. Remove blockers, drive momentum, and ensure sustained progress across initiatives. Continuously raise the bar on quality, reliability, and security outcomes. Team Contribution & Leadership Operate as a team player contributing daily alongside peers, including participation in on-call rotations. Provide advisory support to leadership while remaining grounded in execution and delivery. Influence without authority by setting a high bar for ownership, engineering rigor, and operational discipline. Mentor and elevate engineers through guidance, design reviews, and hands-on collaboration. Vulnerability Management Execution Lead the full vulnerability lifecycle: discovery, validation, contextual risk analysis, prioritization, and remediation. Leverage threat intelligence and system context to distinguish true risk from noise. Drive automation across scanning, triage, remediation tracking, and reporting. Generate actionable insights that enable teams to reduce risk efficiently and measurably. Cross-Functional Partnership Collaborate with infrastructure, cloud, DevOps, and product engineering teams to integrate security into delivery workflows. Partner with risk, governance, and incident response functions to ensure alignment on priorities and outcomes. Communicate clearly with technical and non-technical stakeholders on risk, trade-offs, and remediation strategies. Required Qualifications 8+ years of experience in cybersecurity or security engineering roles. Deep expertise in vulnerability management, security engineering, and modern infrastructure (cloud, containers, distributed systems). Strong programming/scripting skills (Python, Go, Java, or similar) with experience building automation at scale. Strong data mining and analytical capabilities with exceptional SQL skills; ability to query, transform, and analyze large security datasets to derive actionable insights and drive decision-making. Proven ability to operate with high ownership and deliver results independently. Strong understanding of systems, networking, identity, and security architecture. Ability to influence engineering teams and senior stakeholders with clear, outcome-oriented communication. Preferred Qualifications Experience with vulnerability research, offensive security techniques, or threat modeling. Familiarity with attack surface management and exposure analysis at scale. Experience integrating security into CI/CD and DevSecOps practices. Working knowledge and applied experience with regulatory and control frameworks, including PCI and NYDFS, is a strong plus. Experience with SIEM, SOAR, and large-scale security data pipelines. Relevant security certifications (CISSP, OSCP, cloud security certifications) are a plus. Education Master’s degree in computer science, Cybersecurity, or equivalent practical experience. Annual Salary $110,000.00 - $230,000.00 The above annual salary range is a general guideline. Multiple factors are taken into consideration to arrive at the final hourly rate/ annual salary to be offered to the selected candidate. Factors include, but are not limited to, the scope and responsibilities of the role, the selected candidate’s work experience, education and training, the work location as well as market and business considerations. GEICO will consider sponsoring a new qualified applicant for employment authorization for this position. The GEICO Pledge: Great Company: Protecting customers through life’s twists and turns with innovation and integrity. Great Careers: Personalized development programs, mentorship, and certification assistance. Great Culture: Inclusive and collaborative culture rooted in shared success. Great Rewards: Competitive pay, benefits, and flexibility to support your well-being and future. The equal employment opportunity policy of the GEICO Companies provides for a fair and equal employment opportunity for all associates and job applicants regardless of race, color, religious creed, national origin, ancestry, age, gender, pregnancy, sexual orientation, gender identity, marital status, familial status, disability or genetic information, in compliance with applicable federal, state and local law. GEICO hires and promotes individuals solely on the basis of their qualifications for the job to be filled. GEICO reasonably accommodates qualified individuals with disabilities to enable them to receive equal employment opportunity and/or perform the essential functions of the job, unless the accommodation would impose an undue hardship to the Company. This applies to all applicants and associates. GEICO also provides a work environment in which each associate is able to be productive and work to the best of their ability. We do not condone or tolerate an atmosphere of intimidation or harassment. We expect and require the cooperation of all associates in maintaining an atmosphere free from discrimination and harassment with mutual respect by and for all associates and applicants. At GEICO, we offer a rewarding career where your ambitions are met with endless possibilities. Every day we honor our iconic brand by offering quality coverage to millions of customers and being there when they need us most. We thrive on relentless innovation to exceed our customers' expectations while making a real impact on local communities nationwide. Founded in 1936, GEICO is a member of the Berkshire Hathaway family of companies and one of the largest auto insurers in the United States. Opportunities for Students & Grads Learn more about GEICO Benefits