Senior Staff Engineer, Cybersecurity Compliance & Assurance - GEICO

Key Responsibilities

• Design and implement comprehensive security controls across on‑prem and cloud environments, ensuring compliance with NIST, ISO 27001, and industry regulations.
• Lead risk assessment and threat modeling efforts, translating findings into actionable remediation plans and continuous improvement initiatives.
• Collaborate with cross‑functional teams to integrate security into the software development lifecycle, providing guidance on secure coding, architecture, and deployment.
• Develop and maintain governance frameworks, policies, and procedures, and conduct regular audits to validate effectiveness and identify gaps.
• Serve as subject matter expert on incident response, coordinating investigations, root‑cause analysis, and post‑incident reviews.

Requirements

• 10+ years of experience in cybersecurity, with a focus on compliance, risk management, and cloud security.
• Deep knowledge of security frameworks (NIST, ISO 27001, SOC 2) and regulatory requirements (GDPR, CCPA, PCI‑DSS).
• Proven track record of leading large‑scale security initiatives and influencing executive stakeholders.
• Strong communication skills, able to translate technical concepts to non‑technical audiences.
• Relevant certifications (CISSP, CISM, CCSP, or equivalent) preferred.