GEICO is a renowned and forward-thinking organization that takes cybersecurity seriously, prioritizing the protection of our digital assets from cyber threats. We strive to maintain our position as a leading force in the industry, constantly improving our cybersecurity capabilities. We are seeking a highly skilled and experienced Staff Cyber Security Defense Engineer to join our team. This role, equivalent to a Principal Engineer level, requires deep expertise in Security Information and Event Management (SIEM) design, custom content development, automation, and custom tool development. The successful candidate will play a critical role in enhancing our security infrastructure and capabilities.
You will be responsible for the architecture, implementation, and optimization of our SIEM solutions, developing custom detection content, automating security processes, and creating custom-made security tools to improve our overall cyber defense posture.
Key Responsibilities:
Architect, implement, and optimize SIEM systems to improve threat detection and incident response capabilities.
Develop and maintain advanced custom content for SIEM platforms, including correlation rules, custom dashboards, and alerts.
Automate repetitive security tasks to enhance efficiency and accuracy, reducing manual intervention.
Design, develop, and integrate custom security tools and scripts to support and enhance cyber defense operations.
Perform in-depth analysis of security data from diverse sources to identify trends, patterns, and anomalies indicative of potential threats.
Collaborate with security analysts, incident responders, and other stakeholders to refine and enhance detection and response strategies.
Ensure the SIEM environment is optimized for high performance, reliability, and scalability.
Integrate new data sources into the SIEM, ensuring comprehensive log collection and normalization.
Provide expert guidance and best practices for SIEM configuration, deployment, and tuning.
Stay current with emerging threats, SIEM technologies, automation trends, and industry developments to continuously improve our defenses.
Conduct regular assessments and audits of SIEM and automation processes to ensure compliance and effectiveness.
Technical Qualifications:
Minimum of 8 years of experience in cyber security, with at least 5 years focused on SIEM design, custom content development, and automation.
Proven expertise in SIEM platforms such as Splunk, ArcSight, QRadar, or similar.
Advanced scripting skills in languages such as Python, PowerShell, Bash, or Perl for automation and tool development.
Strong experience with API integrations, RESTful services, and data parsing techniques.
Proficiency in using regular expressions (regex) for log parsing and correlation rule creation.
In-depth understanding of network protocols, intrusion detection/prevention systems (IDS/IPS), firewalls, and endpoint security solutions.
Strong analytical and problem-solving skills, with the ability to perform complex data analysis and threat hunting.
Experience with machine learning techniques and their application in cyber security is a plus.
Relevant certifications such as CISSP, GCIA, OSCP, or SIEM vendor-specific certifications are highly desirable.
Education:
GEICO will consider sponsoring a new qualified applicant for employment authorization for this position.
Benefits:
As an Associate, you’ll enjoy our Total Rewards Program* to help secure your financial future and preserve your health and well-being, including:
- Premier Medical, Dental and Vision Insurance with no waiting period**
- Paid Vacation, Sick and Parental Leave
- 401(k) Plan
- Tuition Reimbursement
- Paid Training and Licensures
*Benefits may be different by location. Benefit eligibility requirements vary and may include length of service.
**Coverage begins on the date of hire. Must enroll in New Hire Benefits within 30 days of the date of hire for coverage to take effect.
The equal employment opportunity policy of the GEICO Companies provides for a fair and equal employment opportunity for all associates and job applicants regardless of race, color, religious creed, national origin, ancestry, age, gender, pregnancy, sexual orientation, gender identity, marital status, familial status, disability or genetic information, in compliance with applicable federal, state and local law. GEICO hires and promotes individuals solely on the basis of their qualifications for the job to be filled.
GEICO reasonably accommodates qualified individuals with disabilities to enable them to receive equal employment opportunity and/or perform the essential functions of the job, unless the accommodation would impose an undue hardship to the Company. This applies to all applicants and associates. GEICO also provides a work environment in which each associate is able to be productive and work to the best of their ability. We do not condone or tolerate an atmosphere of intimidation or harassment. We expect and require the cooperation of all associates in maintaining an atmosphere free from discrimination and harassment with mutual respect by and for all associates and applicants.