Principal Application Security Engineer (Remote)

Chevy Chase, MD
Aug 14, 2022
Aug 16, 2022
Full Time
GEICO is more than insurance; it's truly a tech company at heart. GEICO's Technology Solutions is rapidly expanding to keep up with its growth in the digital space.

The Application Security Team at GEICO is seeking a highly motivated, team-oriented, and process-driven Principal Application/Product Security Engineer to join our Cybersecurity Division. The ideal candidate will be key to driving threat modeling, secure coding and SSDLC efforts. You'll work on complex platform security projects both independently and collaboratively in our agile environment. This role requires a strong background in security as it relates to platform infrastructure, application security, and other aspects of network/cloud infrastructure security. You will have software architecture experience and strong application security skills and will be responsible for implementing the highest level of security standards across GEICO's product stack.

Core Responsibilities:
Transform organizational and process challenges to achieve results that drive complex security efforts for internal and external customers.
Develop and implement workflows to automate security testing/vulnerability detection for the software development lifecycle; design, implement, and maintain tooling to secure self-service infrastructure.
Lead threat modeling program with enterprise architects, integrating the program and its processes into the SDLC.
Experience implementing and continuously improving AppSec tools such as Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST) and Software Composition Analysis (SCA), secrets, container, IaC and fuzz scanning.
Working with the application teams to ensure that application security risks are effectively identified using market-leading commercial and open-source tools (SAST, DAST, SCA, etc.).
Provide vulnerability remediation and mitigation guidance that maintains a balance between security and business objectives.
Advanced understanding of tooling integrations that support agile, CI/CD, and DevSecOps methodologies. Must have a mindset of continuous improvement of people, processes and technology.
Engage with product owners, project managers and developers to conduct security reviews, identify risks and conform to organizational remediation/mitigation timelines.
Provide technical leadership by mentoring junior team members and act as a subject matter expert for application security issues.
Support compliance programs (PCI, NIST CSF, ISO 27001, and SOX) via the development, implementation and governance of common controls for products and infrastructure.

Qualifications:
Bachelor's Degree in Software Engineering, Computer Science, Cybersecurity, or related field is preferred.
5+ years of relevant experience in Application Security or secure development.
Experience with multiple modern programming languages: C#, JavaScript, Swift, Kotlin, and/or Python.
Working knowledge of cloud native security best practices (AWS, Azure, containers, Kubernetes, etc.).
Able to work both independently as well as with architecture and development teams. A strong ability to multi-task effectively in a high-paced environment is critical to success.
Excellent written and oral communication skills, as well as social skills including the ability to articulate to both technical and non-technical audiences.
Relevant professional certifications preferred (e.g. CISSP, CSSLP, CASE, AZ-305, AZ-400, AZ-500, etc.).

Benefits:
At GEICO, we make sure you have the support and resources to leverage and develop your skills, secure your financial future, and take care of your health and well-being. GEICO continually seeks to provide a workplace where everyone can be their authentic self. To help achieve this goal, we support associate-led Employee Resource Groups that foster a true sense of community. Through GEICO's competitive benefits offerings and various training and development opportunities, we have you covered with our Total Rewards Program* that includes:
Premier Medical, Dental and Vision Insurance with no waiting period**
Paid Vacation, Sick and Parental Leave
401(k) Profit Sharing Plan
Tuition Assistance including Direct Billing and Reimbursement payment plan options
Paid Training, Licensures, and Certificates

*Benefits may be different by location. Benefit eligibility requirements vary and may include length of service.
**Coverage begins with the pay period after hire date. Must enroll in New Hire Benefits within 30 days of the date of hire for coverage to take effect.

The safety of our associates, both current and future, is GEICO's highest priority. At this time, most of our associates are working remotely due to the current COVID-19 pandemic. Candidates who are selected for this position will be trained remotely and must be able to work from home in a designated work area.

GEICO is proud to be an equal opportunity employer. We are committed to cultivating an environment where equal employment opportunities are available to all associates and job applicants regardless of race, color, religious creed, national origin, ancestry, age, gender, pregnancy, sexual orientation, gender identity, marital status, familial status, disability or genetic information, in compliance with applicable federal, state and local law. GEICO celebrates diversity and believes it is critical to our success. As such, we are committed to recruit, develop and retain the most talented individuals to join our team.
