Senior Staff Engineer – Cybersecurity Data Protection Engineer; HYBRID

Senior Staff Engineer – Cybersecurity Data Protection Engineering

Base Pay Range: $/yr – $/yr

At GEICO, we offer a rewarding career where your ambitions are met with endless possibilities. Every day we honor our iconic brand by offering quality coverage to millions of customers and being there when they need us most. We thrive through relentless innovation to exceed our customers’ expectations while making a real impact for our company through our shared purpose. When you join our company, we want you to feel valued, supported and proud to work here.

That’s why we offer The GEICO Pledge:
Great Company, Great Culture, Great Rewards and Great Careers.

Lead the organization’s efforts to identify, assess, and evaluate potential vulnerabilities and threats to the organization’s information systems and sensitive data. Conduct regular data risk assessments, recommend controls and countermeasures, and monitor the effectiveness of implemented security measures. Act as an expert and mentor for other data protection engineers and develop and manage the overall data security and protection program.

• Develop and implement data protection strategies and initiatives, including classification and handling, data access controls, inventory, encryption, and retention.
• Work closely with stakeholders to enforce data protection policies and respond to regulatory requirements.
• Develop and maintain data security policies, procedures, and standards and ensure organization-wide compliance.
• Create and manage data inventories and data flows, and control data sharing.
• Design and implement data access controls, ensuring only authorized access to sensitive data.
• Co‑develop and implement data retention policies, complying with internal policy and external regulations.
• Enforce data encryption standards for data at rest and in transit.
• Lead incident response efforts related to data breaches and collaborate with stakeholders to mitigate impact.
• Conduct regular data risk assessments to identify vulnerabilities and threats.
• Stay abreast of new developments in cybersecurity and align risk assessment and security processes with industry standards.
• Act as an expert and mentor for other data protection engineers, providing guidance on best practices.
• Manage and supervise other data protection engineers, reviewing and approving their work.
• Represent the organization in external meetings and interactions with clients, stakeholders, and industry experts.

• Proven experience with data discovery, classification, handling, access, inventory, and retention.
• Proven experience with data protection technologies such as encryption, tokenization, and data loss prevention tools.
• Familiarity with programming languages such as Python, Java, or .NET.
• Experience designing and implementing data security solutions for enterprise environments.
• Experience managing and supervising other Data Protection Engineers.
• Experience developing data protection programs focused on discovery, inventory, risk assessments, and encryption for structured and unstructured data.
• Strong knowledge of cybersecurity laws, regulations, and best practices.
• Knowledge of data security frameworks, standards, and protocols.
• Strong understanding of data privacy laws and regulations (e.g., NYDFS, PCI).
• Strong analytical and problem‑solving skills.
• Excellent communication and presentation skills.
• Ability to excel in a fast‑paced, startup‑like environment.

• 7+ years in cybersecurity, focused on data protection and privacy.
• 4+ years in open‑source frameworks.
• 3+ years in architecture and design.
• 3+ years with AWS, GCP, Azure, or other cloud services.

• Bachelor’s degree in Computer Science, Information Systems, or equivalent education or work experience.

• Certified Information Systems Security Professional (CISSP)
• Certified Information Security Manager (CISM)
• Certified in Risk and Information Systems Control (CRISC)

$ – $

The above annual salary range is a general guideline. Multiple factors, including role scope, candidate experience, education and training, and market considerations, influence the final compensation.

GEICO hires and promotes individuals solely on the basis of their qualifications for the job to be filled. GEICO reasonably accommodates qualified individuals with disabilities and is committed to providing a safe work environment free from discrimination and harassment. GEICO is an equal employment opportunity employer.