GEICO is a renowned and forward-thinking organization that takes cybersecurity seriously, prioritizing the protection of our digital assets from cyber threats. We strive to maintain our position as a leading force in the industry, constantly improving our cybersecurity capabilities. As part of our ongoing commitment to bolstering our defenses, we are in search of an exceptional and self-motivated individual to fill the vital role of Cyber Defense Engineer within our dynamic and innovative team.
Key Responsibilities:
- Design and develop sophisticated custom SIEM content, including correlation rules and anomaly detection algorithms, to elevate threat detection and response capabilities.
- Engineer automation solutions using scripting languages such as Python, PowerShell, or Ruby to streamline repetitive tasks, enhance operational efficiency, and accelerate incident response workflows.
- Develop and deploy security orchestration, automation, and response (SOAR) platforms, integrating disparate security tools and systems to orchestrate cohesive defense strategies.
- Conduct in-depth analysis of cyber threats, vulnerabilities, and attack patterns to inform the creation of robust defensive measures and countermeasures.
- Collaborate with cybersecurity analysts and incident responders to design and implement playbooks, runbooks, and automated response actions for rapid incident containment and remediation.
- Develop custom cyber security tools, plugins, or applications to extend the functionality of existing security infrastructure, enhance visibility, and strengthen defensive postures.
- Lead technical discussions, provide subject matter expertise, and mentor junior team members on advanced cyber defense concepts, techniques, and best practices.
Qualifications:
- Minimum of 5 years of hands-on experience in cyber security engineering, with a strong focus on SIEM content development, automation, and tool development.
- Expert proficiency in scripting and programming languages such as Python, PowerShell, or Ruby, with a deep understanding of data structures, algorithms, and software design principles.
- Extensive experience with leading SIEM platforms (e.g., Splunk, Elasticsearch, QRadar, Chronicle), including advanced configuration, customization, and optimization for large-scale enterprise deployments.
- In-depth knowledge of security orchestration, automation, and response (SOAR) concepts and technologies, with practical experience deploying and managing SOAR platforms (e.g., Demisto, Phantom, Swimlane).
- Familiarity with cyber security frameworks (e.g., MITRE ATT&CK, NIST Cybersecurity Framework) and their application in threat detection, analysis, and response.
- Excellent analytical skills with a proven ability to understand complex cyber threats and develop innovative defensive strategies.
- Strong communication skills with the ability to articulate technical concepts effectively to both technical and non-technical audiences.
Education:
At this time, GEICO will not sponsor a new applicant for employment authorization for this position.
Benefits:
As an Associate, you’ll enjoy our Total Rewards Program* to help secure your financial future and preserve your health and well-being, including:
- Premier Medical, Dental and Vision Insurance with no waiting period**
- Paid Vacation, Sick and Parental Leave
- 401(k) Plan
- Tuition Reimbursement
- Paid Training and Licensures
*Benefits may be different by location. Benefit eligibility requirements vary and may include length of service.
**Coverage begins on the date of hire. Must enroll in New Hire Benefits within 30 days of the date of hire for coverage to take effect.
The equal employment opportunity policy of the GEICO Companies provides for a fair and equal employment opportunity for all associates and job applicants regardless of race, color, religious creed, national origin, ancestry, age, gender, pregnancy, sexual orientation, gender identity, marital status, familial status, disability or genetic information, in compliance with applicable federal, state and local law. GEICO hires and promotes individuals solely on the basis of their qualifications for the job to be filled.
GEICO reasonably accommodates qualified individuals with disabilities to enable them to receive equal employment opportunity and/or perform the essential functions of the job, unless the accommodation would impose an undue hardship to the Company. This applies to all applicants and associates. GEICO also provides a work environment in which each associate is able to be productive and work to the best of their ability. We do not condone or tolerate an atmosphere of intimidation or harassment. We expect and require the cooperation of all associates in maintaining an atmosphere free from discrimination and harassment with mutual respect by and for all associates and applicants.