GEICO is seeking an experienced Senior Engineer with a passion for continuously researching, assessing, and prioritizing cyber threats based on internal and external relevance, and impact. You will lead capturing GEICO portfolio of historical threat activity, trends, and common attack vectors to predict and detect future threats. Geico Senior Engineer partners with Cyber Security teams to detect and isolate advanced threats that are lurking undetected in the network having evaded existing security solutions. You will also be a thought leader for Analytics team's creation of hypotheses leveraging internal and external sources, private sources, and trusted partners like BRK-ISAC, FSISAC.

　　As a Senior Engineer you will help build a high-performance Analytics program covering enterprise security and applications. You will help drive Geico insurance business transformation and detection engineering domain forward, as we redefine secure experiences for GEICO customers.

　　GEICO Senior Engineer collaborates with other engineers to innovate and build new systems, improve, and enhance existing systems as well as identify new opportunities to solve critical problems. You will lead Strategy and Execution of the Analytics roadmap that will increase the velocity of delivering detections and protections, while unlocking new engineering capabilities. The ideal candidate has deep technical expertise in the Open-Source platform domain.

　　 Position Responsibilities

　　As a Senior Engineer, you will: Cyber Detection Engineer is responsible for continuously researching, assessing, and prioritizing cyber threats based on internal and external relevance, and impact. Participates in capturing a portfolio of historical threat activity, trends, and common attack vectors to predict and detect future threats. Partnering with Threat Hunt team, proactively and iteratively search through networks to detect and isolate advanced threats that are lurking undetected in the network having evaded existing security solutions. Create hypotheses leveraging internal and external sources, private sources, and trusted partners like BRK-ISAC, FSISAC Work with MSSP for content development and promote GEICO Use cases to MSSP for triage Participates in continuous improvement of Cyber Detection Program including working to measure success, failure, and value of MSSP use cases Partnering and participating in maintaining sources of data collection and analysis to facilitate the conversations supporting Cyber Detections and Threat Hunting Evaluates new solutions and methodologies (machine-assisted techniques) and provides detailed reviews and recommendations to the Security Intelligence and Incident Response Manager. Provides research for next generation, traditional and non-traditional cyber threat methods, techniques, and tactics specific to evolving IT infrastructures. Improve automated detection by prototyping new ways to detect malicious activity and then turning those prototypes into effective new automations. Qualifications: Experience with collecting, analyzing, and interpreting qualitative and quantitative data from multiple sources for the purposes of documenting results and analyzing findings to provide meaningful reports. Understanding of IT Security concepts to include network design, countermeasures, risk management, operational security, and attack techniques. Experience working with SIEM and Data Collection is a must. Experience working with Hunt scenarios, Insider Threat, or Data Loss Prevention (DLP) solutions a plus. Foundational knowledge in information technology, to include hardware, networking, architecture, protocols, files systems and operating systems. Programming in Python or other scripting languages a plus. Ability to leverage well-honed online researching expertise to identify and navigate relevant online forums, including Web sites, social media, and traditional sources for research and analysis. Ability to think critically and analyze abstract data. One or more of the following Cybersecurity certifications are preferred: CISSP, CEH or SANS GIAC Experience: 4+ years of professional software development experience 4+ years of experience with AWS, GCP, Azure, or another cloud service 4+ years of experience in security engineering and technology 3+ years of experience with architecture and design 3+ years of experience in open-source frameworks 1+ years of people management experience Education: Bachelor's degree in Computer Science, Information Systems, Cybersecurity, or equivalent education or work experience #LI-AW1

　　At this time, GEICO will not sponsor a new applicant for employment authorization for this position.

　　Benefits:

　　As an Associate, you'll enjoy our Total Rewards Program * to help secure your financial future and preserve your health and well-being, including:Premier Medical, Dental and Vision Insurance with no waiting periodPaid Vacation, Sick and Parental Leave401(k) PlanTuition ReimbursementPaid Training and Licensures*Benefits may be different by location. Benefit eligibility requirements vary and may include length of service.

　　Coverage begins on the date of hire. Must enroll in New Hire Benefits within 30 days of the date of hire for coverage to take effect.

　　The equal employment opportunity policy of the GEICO Companies provides for a fair and equal employment opportunity for all associates and job applicants regardless of race, color, religious creed, national origin, ancestry, age, gender, pregnancy, sexual orientation, gender identity, marital status, familial status, disability or genetic information, in compliance with applicable federal, state and local law. GEICO hires and promotes individuals solely on the basis of their qualifications for the job to be filled.

　　GEICO reasonably accommodates qualified individuals with disabilities to enable them to receive equal employment opportunity and/or perform the essential functions of the job, unless the accommodation would impose an undue hardship to the Company. This applies to all applicants and associates. GEICO also provides a work environment in which each associate is able to be productive and work to the best of their ability. We do not condone or tolerate an atmosphere of intimidation or harassment. We expect and require the cooperation of all associates in maintaining an atmosphere free from discrimination and harassment with mutual respect by and for all associates and applicants.