Identity Security Distinguished Engineer - Expert in Identity and Access Management Solutions for Remote Work Environment
Unlock Your Career Potential with GEICO's Cybersecurity Team
GEICO, one of the nation's largest and fastest-growing auto insurers, is seeking an Identity Security Distinguished Engineer to join its Cybersecurity team. As a wholly owned subsidiary of Berkshire Hathaway, GEICO offers a financially stable and rewarding workplace with opportunities for training and career advancement. We're looking for a highly skilled and experienced professional to provide strategic and technical direction for our identity and access management solutions, driving modernization and innovation in our identity strategy.
About the Role
As an Identity Security Distinguished Engineer, you will play a lead role in GEICO's Cybersecurity team, focusing on defensive and protective controls, compliance, and governance automation. You will be the technical and engineering lead for a team of engineers who proactively deliver secure IAM configuration, threat detection, and strategic partnership on the IAM roadmap. Your expertise will help drive business transformation as we transition from a traditional IT Security model to a tech organization with engineering excellence as its mission.
Key Responsibilities
- Influence and educate staff at all levels to bring a security-minded approach to challenging problems, balancing usability and security.
- Provide technical guidance and mentorship to the team, fostering a culture of innovation, collaboration, and continuous improvement.
- Collaborate with cross-functional leaders, team members, IAM engineering, and peer security teams to solve complex problems with minimal business impact.
- Proactively identify opportunities to enhance security measures, streamline processes, and optimize tooling to fortify our environment against emerging threats.
- Deliver automation initiatives, conduct advanced research, and develop proofs of concept to enhance our security capabilities and improve overall efficiency.
- Help develop and implement engineered automation to ensure compliance with industry regulations and frameworks.
- Work with business partners to derive and validate mitigation techniques for identified threats and/or non-compliance.
- Define roadmaps for securing various identities with purposeful and functional security, without unnecessary impact or overhead.
- Conduct automated adversarial testing of our identity systems to ensure detection mechanisms function appropriately and efficiently.
- Provide motivating demonstrations and communications to show the value of our security measures to the business, highlighting low impact on systems, improved operability, and resiliency.
Essential Qualifications
To be successful in this role, you should have:
- Extensive experience in identity products and protocols, including Active Directory, Kerberos, LDAP, SAML, SCIM, OAuth, and OIDC.
- Deep skills in privileged access management tools and services (build/buy).
- Extensive experience in offensive and defensive security roles, with a strong hacker mindset.
- Experience building and designing security systems with micro-services and extensible REST APIs.
- Experience communicating and presenting to senior and junior staff, with the ability to influence stakeholders.
- Experience in a multi-platform environment with Linux, Mac, Windows.
- Experience with multiple IaaS platforms from top-tier providers.
- Ability to excel in a fast-paced, startup-like environment.
- Strong knowledge of industry-standard security tools, frameworks, and best practices, including ITDR, EPM, MITRE, CIS, and NIST.
- Demonstrated fluency and specialization with at least one modern language, such as Python or Go.
- In-depth expertise in cryptographic protocols, digital certificates, and encryption standards, such as X.509, Transport Layer Security (TLS), and Advanced Encryption Standard (AES).
Preferred Qualifications
To further enhance your candidacy, you should have:
- 8+ years of experience in a dedicated security role, preferably in the tech industry.
- 5+ years of experience with security, identity, architecture, and design.
- 5+ years of experience with open-source frameworks.
- 3+ years of experience with AWS, GCP, Azure, or other cloud providers.
- 3+ years in a senior security role, preferably architecture, influencing company direction on security strategy.
- Education with practical examples in penetration testing, writing test scripts, and determining countermeasures.
- Experience applying security controls to exceed third-party attestation requirements (PCI, SOC, etc.).
- Desired certifications: CISSP, CISA, CISM, CCSK, CCSP, CEH, C|CISO, and related GIAC.
What We Offer
As an Associate at GEICO, you'll enjoy our Total Rewards Program, which includes:
- Premier Medical, Dental, and Vision Insurance with no waiting period.
- Paid Vacation, Sick, and Parental Leave.
- 401(k) Plan.
- Tuition Assistance.
- Paid Training and Licensures.
Our compensation package is competitive, with a salary range of $150,000 to $300,000 per year, depending on your experience and qualifications.
Our Culture and Values
At GEICO, we're committed to creating a work environment that is inclusive, diverse, and respectful. We believe in fostering a culture of innovation, collaboration, and continuous improvement, where our Associates can thrive and grow. We're proud to be an equal employment opportunity employer, and we welcome applicants from diverse backgrounds.
Take the Next Step
Are you ready for this exciting opportunity? Apply now and let's discuss how you can become a vital part of our success story. As an Identity Security Distinguished Engineer at GEICO, you'll have the chance to drive innovation, lead new initiatives, and make a meaningful impact on our organization. Don't miss out on this chance to unlock your career potential and join our team of dedicated and hard-working professionals.