Application Security Lead

Fredericksburg, VA
Dec 07, 2021
Dec 10, 2021
IT, Security Engineer
Full Time
The Application Security Team is seeking a highly motivated, team-oriented, and process-driven Lead to join our Cyber Security Department and help achieve GEICO's business objectives. This position is responsible for supporting GEICO's application security efforts. The selected candidate will play an important role in protecting information from security threats. The ideal candidate will have a desire to work in a dynamic environment, an excellent work ethic, excellent strategic planning skills, and governance knowledge. The candidate must be able to perform in a fast-paced environment while understanding and meeting the needs of the business.

At GEICO, we make sure you have the support and resources to leverage and develop your skills, secure your financial future, and take care of your health and well-being. GEICO continually seeks to provide a workplace where everyone can be their authentic self. To help achieve this goal, we support associate-led Employee Resource Groups that foster a true sense of community. Through GEICO's competitive benefits offerings and various training and development opportunities, we have you covered with our Total Rewards Program* that includes:

Premier Medical, Dental and Vision Insurance with no waiting period**
Paid Vacation, Sick and Parental Leave
401(k) Plan with Profit Sharing
Tuition Reimbursement
Paid Training and Licensures

Qualifications:

Bachelor's Degree in Computer Science or related field
3+ years of relevant leadership experience
Must have experience in Application Security at an enterprise level
CISSP, CISM, GSEC security certification (Preferred)
Expertise in application development and DevOps security technologies and integration such as code scanning, open source scanning, vulnerability analysis, and security for automated deployments.
Ability to work in a fast-paced Agile development environment.
Ability to effectively manage people and lead change.
Must be able to develop strategies, governance and goals.
Excellent Verbal and Written Communication Skills

Core Responsibilities:

Lead a high performing Application Security group, and develop and drive programmatic efforts to address external, internal, and emerging application security risks throughout the organization.
Lead product security architecture, security testing, secure design review, security engineering, and reporting.
Drive projects related to product security, threat modelling, software security automation, penetration testing/bug bounty and the security development lifecycle.
Develop key partnerships with executive leadership and their staff to facilitate positive a primarily Agile and DevOps environment, design, develop and deliver application security strategy, throughout the CI/CD lifecycle.
Working with the application teams, ensure that application security risks are effectively identified using market leading tools (SAST, DAST, SCA, etc.) and appropriately addressed while maintaining a balance between security and usability.
Be an application security evangelist who can translate security concepts into language that is meaningful to varying audiences, including business and technical leaders.
Integrate new and existing security tools, standards, and processes into the development life cycle, including static analysis and runtime testing tools.
Contribute to the development and implementation of security technology solutions, both open source and commercial.
Support compliance programs (PCI, NIST CSF, SOC 2) via the development, implementation and governance of common controls for products and infrastructure.
Focus on using security metrics and risk management to guide security programs and apply resources efficiently.

*Total Rewards Program benefits may vary by location and circumstances. Benefit eligibility requirements may also vary by location and be based on length of employment.

**Coverage begins with the pay period after hire date. Must enroll in New Hire Benefits within 30 days of the date of hire for coverage to take effect.

The safety of our associates is GEICO's highest priority. If you are required to come into the office for licensing, training, or orientation, please note that we have implemented a variety of safety precautions within our offices. Additional safety precautions include no-contact temperature screening stations, added signage for associates on common-area occupancy limits, socially distanced workstations, and increased cleaning procedures for all areas.

GEICO is proud to be an equal opportunity employer. We are committed to cultivating an environment where equal employment opportunities are available to all associates and job applicants regardless of race, color, religious creed, national origin, ancestry, age, gender, pregnancy, sexual orientation, gender identity, marital status, familial status, disability or genetic information, in compliance with applicable federal, state and local law. GEICO celebrates diversity and believes it is critical to our success. As such, we are committed to recruiting, developing and retaining the most talented individuals to join our team.