Jobs · Information Technology · Washington

Staff Engineer - Platform Security Engineering – Encryption and Tokenization

GEICO · Seattle, WA · 5 days ago
HybridInformation Technology$110k–$230k/yrFull-time

About the role

The GEICO Platform Security Engineering organization is seeking a Staff Engineer – Platform Security Engineering – Encryption and Tokenization to join our dynamic team.

Responsibilities

  • Lead the design, development, and evolution of encryption, tokenization, and key management solutions within a defined platform or product domain.
  • Drive hands-on implementation of secure data protection capabilities, contributing directly to production-ready systems while setting technical direction for the team.
  • Ensure the quality, reliability, and operational excellence of encryption and tokenization services, including high availability, disaster recovery, observability, and auditable logging.
  • Partner closely with compliance, security, data governance, and application teams to ensure cryptographic solutions align with company policies and regulatory requirements.
  • Contribute to architectural decisions by proposing scalable, resilient designs for key management systems and data protection workflows.
  • Apply knowledge of modern cryptography trends and standards to improve platform security and inform technical decisions.
  • Provide technical mentorship and guidance to engineers on the team, helping raise the bar on secure coding, design quality, and operational practices.
  • Collaborate with product and engineering stakeholders to integrate encryption and tokenization solutions that support business and platform goals.
  • Identify opportunities to improve performance, cost efficiency, and developer experience within the encryption and key management ecosystem.

Qualifications

  • Strong understanding of cryptographic encryption, tokenization, and Key Management Systems (KMS).
  • Experience designing and implementing secure, scalable solutions for data at rest encryption, using open-source cryptographic libraries and protocols (e.g., FPE, AEAD).
  • Strong software engineering skills, with experience building production-grade services (Go preferred).
  • Working knowledge of key management technologies and libraries, such as Google Tink, PKCS#11, JCE, and OpenSSL.
  • Experience operating stateful systems such as PostgreSQL, including replication and reliability considerations.
  • Proven problem-solving skills with a security-first mindset and proactive approach to risk mitigation.
  • Experience applying site reliability engineering (SRE) practices, including monitoring, alerting, and incident response (Grafana, Prometheus, Open Telemetry, eBPF).
  • Experience building and maintaining CI/CD pipelines and infrastructure as code (e.g., Bazel, Terraform, Argo CD/Workflows/Rollouts).
  • Strong communication skills, with the ability to explain technical concepts clearly to engineers and partner teams.
  • Familiarity with hardware security modules (HSMs) and cryptography standards.
  • Experience 6+ years of experience in security or software engineering with a focus on encryption, tokenization, key management, or cryptography.
  • 3+ years of experience contributing to system design, architecture, and security-focused solutions.
  • Experience working with open-source security or cryptography frameworks.
  • Experience building and operating systems in cloud environments (AWS, GCP, Azure preferred).

Pay

$110,000.00 - $230,000.00

Schedule

Full-time

Similar jobs