Geico

Sr Staff Engineer - AI Security

Geico$120K — $260K *
Information Technology
8 - 10 years of experience
Job Overview by Ladders

Qualifications

  • Expert knowledge in AI and agentic applications and their design patterns.
  • Hands-on product development experience in AI with a mature Software Development Life Cycle (S-SDLC).
  • Direct experience collaborating with development teams to document secure solutions.
  • Proven ability to analyze and threat model complex systems for security flaws.
  • Familiarity with common vulnerabilities, attack vectors, and encryption technologies.
  • Extensive knowledge of secure design standards and regulatory frameworks.
  • Strong understanding of application development life cycle methodologies and cloud security principles.

Responsibilities

  • Lead security design and development of AI-based applications.
  • Drive and refine GEICO's AI Security strategy.
  • Establish and promote secure development best practices across teams.
  • Review architectural designs to ensure security alignment.
  • Define security standards and partner with Product Development for implementation.
  • Advise on the implementation of cybersecurity policies.
  • Provide strategic guidance on security risks and integration of new technologies.

Benefits

  • Comprehensive health, dental, and vision insurance.
  • Retirement savings plan with company match.
  • Paid time off including vacation and holidays.
  • Opportunities for professional development and training.
  • Work-life balance initiatives and flexible working arrangements.
Full Job Description
GEICO is seeking an experienced Senior (Sr) Staff Engineer to provide enterprise strategy and support for AI security. You will proactively and holistically lead and support security activities that guide the design, development, security of code, and code repositories for agentic enterprise and consumer applications and services.

Position Description:

Our AI Security Sr. Staff Engineer is a senior level position that reports to the Sr Director of Product Security and works closely with senior leaders, development teams, product teams, and others across the organization to integrate security into the product lifecycle. The AI Sr Security Staff Engineer is a subject matter expert in defining the AI security strategy for GEICO as well as security requirements for AI and agentic applications, defining secure application design, performing security assessments, threat modeling, and providing developers with remediation guidance and solutions. On any given day, the AI Security Sr. Staff Engineer can be pulled in to evaluate a new system, review a proposed application design, or provide solutions for AI security/coding best practices.

Position Responsibilities

As a Sr. Staff Engineer, you will:
  • Work independently with developers, system/network engineers, product owners, and other engineers to ensure secure design, development, and implementation of AI and agentic based applications
  • Drive AI Security strategy across GEICO
  • Develop secure agentic development best practices standards and drive adoption across the developer community
  • Define and document secure architecture patterns and anti-patterns
  • Perform security architecture design reviews of our products including web applications, services, and mobile applications.
  • Define security best practices and standards and partner with Product Development teams to implement them.
  • Provide remediation guidance and recommendations to developers and engineers.
  • Serve as a technical advisor and consultant to colleagues and GEICO leadership on the implementation of the Cybersecurity security policy and standards.
  • Provide technical thought leadership for integration decisions, analyzing design constraints and trade-offs in system and security design, and ensuring integrity of GEICO mission objectives, while protecting GEICO assets from cyber threats and vulnerabilities.
  • Work with Product Development teams to help prioritize and validate urgency of mitigation of identified product vulnerabilities and security feature enhancement requests
  • Interface with the Product and Cyber Security teams to track security feature enhancement requests
  • Help develop actionable insights, prioritizing the work, based on risk, and impact, and allocate resources effectively, using Geico specific large data sets.


Qualifications:
  • Expert knowledge in AI and agentic applications, services, design patterns, and protocols (e.g., skills, agents, MCPs, etc.)
  • Hands-on AI product development experience, with strict SLA and SLR, using a mature S-SDLC.
  • Direct experience working with development teams to define, develop and document secure solutions
  • Experience breaking down complex systems and applications to find flaws with analysis and threat modeling
  • Strong familiarity with common vulnerabilities and attack vectors
  • Knowledge of ubiquitous encryption technologies (PGP, SSH, SSL, etc.) and common authentication protocols (OpenID Connect, OAUTH, SAML, RADIUS, LDAP, KERBEROS, etc.)
  • Solid understanding of secure network, system, and service design in cloud (Azure, AWS etc.) and conventional environments
  • Understanding and applied use of OWASP Top 10, NIST SP800 Series, NIST CSF, FIPS 140-2, ISO 27001, PCI-DSS, etc.
  • Knowledge of various aspects of a technology architecture like integration, network, and security
  • Advanced understanding and knowledge of application development life cycle methodologies (such as agentic development, waterfall, spiral, agile software development, rapid prototyping, incremental, synchronize and stabilize, and DevOps/ SecDevOps)
  • Exposure to multiple, diverse security technologies, platforms, and processing environments
  • Strong command of strategic and emerging security/ cloud technology trends, and the practical application of existing and emerging technologies to new and evolving business and operating models.
  • Good understanding of product management, agile principles and development methodologies and capability of supporting agile teams by providing advice and guidance on opportunities, impact, and risks, taking account of technical and architectural debt
  • Experience collaborating closely with senior executives on strategic initiatives
  • A background integrating security testing into the SDLC
  • Experience providing security training to developers
  • Ability to find security defects within programming languages such as Go, Rust, Java, Python, Object C, and mobile device languages
  • Demonstrated experience using SCA, DAST, and SAST tools and services
  • One or more of the following Cybersecurity certifications are highly desired: Security+, Certified Information System Security Professional (CISSP), Certified Software Security Lifecycle Professional (CSSLP) or Certified Information Security Manager (CISM)


Experience:
  • 10+ years planning and designing application security, cloud security, systems security, or platform security
  • 10+ years of experience in at least two security solution design and development disciplines, including technical or security infrastructure architecture, cloud security, network security management, secure application development or secure cloud development.
  • 6+ years of experience in application and open-source security
  • 6+ years of experience with AWS, GCP, Azure, or another cloud service
  • 2+ years of experience in AI development and frameworks


Education
  • Bachelor's degree in Computer Science, Information Systems, Cybersecurity, or equivalent education or work experience


Annual Salary
$120,000.00 - $260,000.00
The above annual salary range is a general guideline. Multiple factors are taken into consideration to arrive at the final hourly rate/ annual salary to be offered to the selected candidate. Factors include, but are not limited to, the scope and responsibilities of the role, the selected candidate's work experience, education and training, the work location as well as market and business considerations.

GEICO will consider sponsoring a new qualified applicant for employment authorization for this position.

About Geico

GEICO (Government Employees Insurance Company) is an American auto insurance company with headquarters in Chevy Chase, Maryland. It is the second largest auto insurer in the United States, after State Farm. GEICO is a wholly owned subsidiary of Berkshire Hathaway that provides coverage for more than 24 million motor vehicles owned by more than 15 million policy holders as of 2017. GEICO writes private passenger automobile insurance in all 50 U.S. states and the District of Columbia. The insurance agency sells policies through local agents, called GEICO Field Representatives, and over the phone directly to the consumer, and through their website.
Learn more about Geico
Size
40,000 employees
Industry
Founded
1936

Similar Jobs

More Jobs at Geico

More Information Technology Jobs

Find similar Sr Staff Engineer - AI Security jobs: