Sr Staff Engineer - AI Security
About the role
GEICO is seeking an experienced Senior (Sr) Staff Engineer to provide enterprise strategy and support for AI security. The role involves guiding the design, development, and security of code and code repositories for agentic enterprise and consumer applications and services.
Responsibilities
- Work independently with developers, system/network engineers, product owners, and other engineers to ensure secure design, development, and implementation of AI and agentic based applications
- Drive AI Security strategy across GEICO
- Develop secure agentic development best practices standards and drive adoption across the developer community
- Define and document secure architecture patterns and anti-patterns
- Perform security architecture design reviews of our products including web applications, services, and mobile applications
- Define security best practices and standards and partner with Product Development teams to implement them
- Provide remediation guidance and recommendations to developers and engineers
- Serve as a technical advisor and consultant to colleagues and GEICO leadership on the implementation of the Cybersecurity security policy and standards
- Provide technical thought leadership for integration decisions, analyzing design constraints and trade-offs in system and security design, and ensuring integrity of GEICO mission objectives, while protecting GEICO assets from cyber threats and vulnerabilities
- Interface with the Product and Cyber Security teams to track security feature enhancement requests
- Help develop actionable insights, prioritizing the work, based on risk, and impact, and allocate resources effectively, using Geico specific large data sets
Qualifications
- Expert knowledge in AI and agentic applications, services, design patterns, and protocols
- Hands-on AI product development experience, with strict SLA and SLR, using a mature S-SDLC
- Direct experience working with development teams to define, develop and document secure solutions
- Strong familiarity with common vulnerabilities and attack vectors
- Knowledge of ubiquitous encryption technologies (PGP, SSH, SSL, etc.) and common authentication protocols (OpenID Connect, OAUTH, SAML, RADIUS, LDAP, KERBEROS, etc.)
- Solid understanding of secure network, system, and service design in cloud (Azure, AWS etc.) and conventional environments
- Understanding and applied use of OWASP Top 10, NIST SP800 Series, NIST CSF, FIPS 140-2, ISO 27001, PCI-DSS, etc.
- Advanced understanding and knowledge of application development life cycle methodologies (such as agentic development, waterfall, spiral, agile software development, rapid prototyping, incremental, synchronize and stabilize, and DevOps/ SecDevOps)
- Exposure to multiple, diverse security technologies, platforms, and processing environments
- Advanced understanding and knowledge of application development life cycle methodologies (such as agentic development, waterfall, spiral, agile software development, rapid prototyping, incremental, synchronize and stabilize, and DevOps/ SecDevOps)
- Knowledge of various aspects of a technology architecture like integration, network, and security
- Experience integrating security testing into the SDLC
- Experience providing security training to developers
- Demonstrated experience using SCA, DAST, and SAST tools and services
- One or more of the following Cybersecurity certifications are highly desired: Security+, Certified Information System Security Professional (CISSP), Certified Software Security Lifecycle Professional (CSSLP) or Certified Information Security Manager (CISM)
- Experience planning and designing application security, cloud security, systems security, or platform security
- Experience with AWS, GCP, Azure, or another cloud service
- Experience with AI development and frameworks
Pay
$120,000.00 - $260,000.00
Schedule
Full-time
Benefits
Comprehensive Total Rewards program that offers personalized coverage tailor-made for you and your family's overall well-being. Financial benefits including market-competitive compensation; a 401K savings plan vested from day one that offers a 6% match; performance and recognition-based incentives; and tuition assistance. Access to additional benefits like mental healthcare as well as fertility and adoption assistance. Supports flexibility- We provide workplace flexibility as well as our GEICO Flex program, which offers the ability to work from anywhere in the US for up to four weeks per year.
Equal Employment Opportunity
The GEICO Companies provides for a fair and equal employment opportunity for all associates and job applicants regardless of race, color, religious creed, national origin, ancestry, age, gender, pregnancy, sexual orientation, gender identity, marital status, familial status, disability or genetic information, in compliance with applicable federal, state and local law. GEICO hires and promotes individuals solely on the basis of their qualifications for the job to be filled. GEICO reasonably accommodates qualified individuals with disabilities to enable them to receive equal employment opportunity and/or perform the essential functions of the job, unless the accommodation would impose an undue hardship to the Company. This applies to all applicants and associates. GEICO also provides a work environment in which each associate is able to be productive and work to the best of their ability. We do not condone or tolerate an atmosphere of intimidation or harassment. We expect and require the cooperation of all associates in maintaining an atmosphere free from discrimination and harassment with mutual respect by and for all associates and applicants.