Cyber security • seattle wa
At GEICO, we offer a rewarding career where your ambitions are met with endless possibilities.Every day we honor our iconic brand by offering quality coverage to millions of customers and being the... Show more
SummaryAt PwC, our people in cybersecurity focus on protecting organizations from cyber threats through advanced technologies and strategies.They work to identify vulnerabilities, develop secure sy... Show more
SummaryAt PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies.They work to identify vulnerabilities, develop secure sy... Show more
As a Product Security Engineer at Amazon Payments Security, you'll be at the forefront of protecting systems that handle financial transactions and customer data for millions of Amazon customers.Yo... Show more
Protingent Staffing has an exciting contract Nuclear Cyber Security Systems Architect opportunity.Responsible for interfacing and supporting geographically diverse and international design team mem... Show more
Cyber Oracle Cloud Security –Consultant.Our Deloitte Cyber team understands the unique challenges and opportunities businesses face in cybersecurity.Join our team to deliver powerful solutions to h... Show more
Are you passionate about delivering innovative security solutions and protecting millions of customers through a blend of deep security expertise, hands-on coding, and building scalable security gu... Show more
SummaryAt PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies.They work to identify vulnerabilities, develop secure sy... Show more
Known for being a great place to work and build a career, KPMG provides audit, tax and advisory services for organizations in today's most important industries.Our growth is driven by delivering re... Show more
Amazon Web Services (AWS) is one of Amazon’s fastest growing businesses.We are passionate about thinking big, innovating on behalf of our customers, and tackling problems at scale.Cloud computing i... Show more
SummaryAt PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies.They work to identify vulnerabilities, develop secure sy... Show more
Our client, a leading energy technology company focused on advanced nuclear reactor research and development, is looking for a.Nuclear Cyber Security Systems Architect.In this role, you will act as... Show more
Hiring Bonus for eligible external hires that meet the required qualifications and conditions for payment.This is a combined posting for Security Officer and Senior Security Officer.The requirement... Show more
Cyber Oracle Cloud Security – Senior Consultant.Our Deloitte Cyber team understands the unique challenges and opportunities businesses face in cybersecurity.Join our team to deliver powerful soluti... Show more
This role involves patrolling the facility, monitoring surveillance equipment, and enforcing rules and regulations to create a secure environment, particularly.The Unarmed Security Guard plays a ke... Show more
The hourly pay range for this role is $.This range is only applicable for jobs to be performed in Seattle, WA.This is the lowest to highest pay scale we in good faith believe we would pay for this ... Show more
Come help us conduct sophisticated offensive security operations targeting emerging threats across the AWS identity and platform infrastructure.This role is responsible for executing Red Team opera... Show more
Job Summary and Responsibilities.As our Security Officer, you will monitor buildings and grounds on the property to ensure the safety and security of employees, patients, and other visitors.Every d... Show more
Do you want to work for a great company with competitive benefits and pay? The Holiday Inn Seattle Downtown – Lake Union is looking to hire a Security Guard.If you think you'd be a great addition t... Show more
At GEICO, we offer a rewarding career where your ambitions are met with endless possibilities.
Every day we honor our iconic brand by offering quality coverage to millions of customers and being there when they need us most. We thrive through relentless innovation to exceed our customers’ expectations while making a real impact for our company through our shared purpose.
When you join our company, we want you to feel valued, supported and proud to work here. That’s why we offer The GEICO Pledge: Great Company, Great Culture, Great Rewards and Great Careers.
This role is designed for astaff‑levelsecurity practitioner with deep Cyber Governance, Risk, and Compliance (GRC)expertisewho shapes the vision, strategy, and outcomes of GEICO’s cyber governance automation capabilities. The Staff Security Engineer owns theend‑to‑endautomated cyber governance program, including defining and delivering the roadmap for continuous control monitoring and validation, scalable evidence collection, andreal‑timeaudit readiness across GEICO’s hybrid cloud andon‑premenvironments.
This position partners closely with engineering and platform teams to translate complex regulatory, policy, and control requirements into prioritized,well-definedautomation capabilities, ensuring solutions are scalable, sustainable, and aligned to enterprise risk priorities. Success in this role means turning governance requirements into durable,outcome drivenproducts thatdemonstratecontrol effectiveness and reduce audit friction.
Key Responsibilities
Cyber Governance Product & Program Ownership
Contribute to the vision, strategy, and roadmap for GEICO’s cyber governance automation capabilities, driving delivery through prioritized execution and continuous improvement.
Define how policies, standards, regulatory frameworks, and technical controls are operationalized and continuouslyvalidatedthrough automated evidence collection.
Own governance automation platformsend‑to‑endas the system of record for control health, evidence, and audit readiness across cloud andon‑premenvironments.
Own end to end accountability for achieving near100% automation coverage, including designing scalableon‑premautomation strategies and governing compensating controls where full automation is notfeasible, whilemaintainingaudit defensibility.
Define and enforce governance standards for automation coverage targets,evidenceSLAs, control performance metrics, and telemetry requirements.
Own the governance automation roadmap, prioritizing work based on risk reduction, regulatory requirements, and operational efficiency.
Establish and operationalize a standardized,risk‑basedremediation lifecycle, including severity classification, timelines, escalation paths, closure criteria, and enforced SLAs.
Maintain ownership of remediation scheduling frameworks andforward‑lookingvisibility into upcoming deadlines.
Define and operationalize a standardized remediation lifecycle for control failures, including severity classification, remediation timelines, escalation paths, and closure criteria
Establish and enforce risk-based remediation SLAs (e.g., critical, high, medium), ensuringtimelyresolution of non-compliant controls across engineering and platform teams
Own the remediation scheduling framework, providing forward-looking visibility into non-compliance, upcoming deadlines, and enforcement timelines
Ensure all non-compliance is consistently tracked, prioritized, and driven to resolution through scalable workflows
Provide transparent reporting and forecasting of remediation status, risks, and expected closure timelines to leadership
Ensure allnon‑complianceis consistently tracked, prioritized, and driven to closure through scalable workflows.
Partner with compliance, risk, audit, and engineering leaders to ensure governance capabilities align with enterprise risk priorities and regulatory obligations (e.g., NYDFS, PCI DSS, NIST CSF, SOC, ISO).
Act as the single point of accountability for governance automation outcomes, includingexecutive‑levelrisk, remediation, andaudit‑readinessreporting with forecasting.
Technical Strategy & Product Stewardship
Own theproduct strategyanddirectionfor GEICO’s Automated Cyber Governance capabilities, ensuring clearsystem‑of‑recorddefinitions, scalability expectations, and alignment tolong‑termenterprise needs.
Partner with engineering and platform teams todefine and prioritize governance automation capabilities, providing product requirements, architectural guardrails, and acceptance criteria rather than performing direct system development.
Partner with engineering and platform teams to design and implement scalable on-prem automation strategies for control monitoring and evidence collection, ensuring alignment with enterprise data, integration, and telemetry standards
Define andmaintainintegration principles, system boundaries, and data standardsto ensure reliable, secure, and consistent evidence flows across cloud platforms, security tools, and internal systems.
Evaluate and guide the responsible use of AI capabilities within governance platforms(e.g., evidence classification, control mapping suggestions, risk summarization), ensuring explainability, auditability, and alignment with regulatory expectations.
Serve as theprimary point of accountability for governance automation outcomes, working with engineering leaders to resolve complex platform challenges and ensuresolutionsremainreliable, sustainable, and fit for purpose.
Ensure 100% source system adoptionand integrationfeeding governance evidence (e.g., cloud, IAM, logging, asset inventory)
Accountability foridentifyingand closing:Missing telemetry, Integration gaps, Inconsistent or unreliable data sources, Enforcement of standardized telemetry and data requirements across teams
Ownership of automated control quality assurance,includingFalse positive / false negative reduction, Control tuning, Drift detection
Ensuring all automated evidenceisAudit‑defensible, Traceable, Aligned to regulatory intent
Ownership ofcontrol change managementfor new and modified controls
Define and lead the change management process for new and modified controls
Determinethe roadmap for controlsmonitorand evidence collection based on regulatory obligations and risk
Translate regulatory, policy and control changes into actionable engineering requirements, including implementation guidance and evidence expectations
Drive awareness by providing proactive communication to stakeholders on what is changing, why it matters and by when compliance isrequired
Monitor and report on control adoption rates and readiness escalating risks when timelines are not met
Translating regulatory, policy, and control changes into:Engineering requirements
Implementation guidance, Evidence expectations
Proactive stakeholder communication:What is changing,Whyit matters, Compliance deadlines, Tracking and escalatingcontrol adoption readiness risks
Automation & Continuous Control Monitoring
Define how security policies, standards, and control requirements aretranslated into automated, continuouslymonitoredcontrol capabilities, including clear requirements, success criteria, andevidenceexpectations.
Establish standards and expectations forautomated detection of controlnon‑adherence, and partner with engineering and remediation teams to ensureappropriate remediationguidance, workflows, or integrations are in place.
Ensure evidence outputs areaudit‑ready, traceable, repeatable, and aligned to regulatory intent, materially reducing reliance onpoint‑in‑time, manual evidence collection.
ApplyAI‑assistedtechniques to improve control validation and evidence quality, such as anomaly detection, evidence completeness checks, control drift identification, and signal prioritization across large control populations.
LeverageAI‑enabledinsights to reduce noise and surface material control failures, ensuring governance automation focuses on true risk rather than generatinglow‑valuealerts.
Cross‑FunctionalLeadership & Enablement
Serve as atrusted partner and advisorto engineering, infrastructure, cloud, and security teams by providing clarity on governance requirements, regulatory intent, and how they are operationalized through scalable solutions.
Influence partner teams to adopt aproduct‑andautomation firstapproachto governance, compliance, and policy adherence, reducing manual effort and improving consistency across the enterprise.
Communicate complex technical and regulatory concepts clearly to a broad range of stakeholders, including engineers, risk and audit partners, and executive leadership.
Contribute to raising the organization’sgovernance, automation, and product maturitythrough guidance, enablement, andcross‑functionalcollaboration.
Program Maturity & Continuous Improvement
Continuously assess governance automation capabilities, processes, and supporting tools toidentifyopportunities toscale adoption, increase automation coverage, and improve effectiveness.
Own the definition and evolution ofcyber governance metrics and reporting, including dashboards that provide clear visibility into control health, automation coverage, audit readiness, and risk posture for executive and stakeholder audiences.
Track product and program outcomes,identifygaps against regulatory and riskobjectives, andprioritize improvement initiativesthat advance maturityquarter over quarter.
IncorporateAI‑driveninsights into governance metrics and reporting, such as trend analysis, control health forecasting, or remediation prioritization, to improve executive visibility anddecision-making.
Promote continuous learning andbest practicesharing across cyber governance, risk, audit, and engineering communitiesto improve consistency, effectiveness, andlong-termsustainability.
Metrics, Reporting & Executive Insight
Establishesand enforces the cyber governance metric model that directly drives control effectiveness, remediation accountability, and enterprise risk reduction. The Staff Security Engineer has clear ownership of defining, standardizing, and operationalizing metrics that areautomation backed, auditable, and actively used to hold teams accountable
Accountable for defining and owning core governance metrics, including:
Automation coverage (%) across regulatory and internal control sets
Continuous vs. manual control execution ratio
Evidence freshness and SLA adherence for automated controls
Control failure rates and recurrence trends
Remediation mean time to resolution (MTTR)
Tool, control, and automation adoption andutilizationrates
SLA adherence by severity tier for policy, control, and regulatory findings
Executive reporting produced by this role:
Clearly ties automation outcomes tomeasurable risk reduction
Demonstrates sustained,real‑timeaudit readinessand control health
Quantifiesoperational efficiency gainsfrom automation, including reduced manual effort, faster remediation, and feweraudit‑drivenescalations
Required Qualifications
6+ years of experience across Cyber Governance, Risk, and Controls (GRC), withdemonstratedownership ofcomplex,cross functionalprograms or productsthat deliver measurable compliance and risk outcomes.
Proven experiencedefining, scaling, and evolving governance automation or compliance platforms, including ownership of outcomes such as control validation, evidence quality, and audit readiness.
Strong technical fluency with cloud platforms, integrations, and automation concepts, with the ability topartner effectively with engineering teamsto define requirements and evaluate implementation approaches (without direct system development responsibility).
Deep understanding of major security and compliance frameworks (e.g., NIST CSF, NYDFS 500, PCI DSS, SOC, ISO 27001) and the ability totranslate regulatory expectations into scalable governance capabilities.
Demonstrated ability tolead and align complex initiativesacross GRC, engineering, risk, and audit stakeholders, with accountability for outcomes, adoption, andlong‑termsustainability.
Technical Skills
Strong technical fluency across modern engineering concepts, with the ability topartner effectively with engineering teamson the design and delivery of scalable governance automation capabilities.
Experience owning and scalingoff‑the‑shelfautomated governance and compliance platforms(e.g.,Drata, Vantaor similar), including defining control mappings, evidence models, automation coverage targets, and integration strategy.
Working knowledge of APIs, authentication mechanisms (e.g., OAuth, SAML), and common data formats (e.g., JSON, XML), sufficient todefine requirements, evaluate approaches, and assess integration feasibility.
Familiarity with cloud platforms (AWS, Azure, and/or GCP) and an understanding of how security controls areimplemented,validated, andevidencedwithin cloud environments.
Exposure to containers,cloud‑nativeservices, and CI/CD environments to support informeddecision‑makingand collaboration (nice to have).
Experience applying or governingAI‑assistedcapabilities within security, cybergovernanceor risk platforms, with an understanding of model limitations, data quality considerations, and audit implications
What Success Looks Like
Cyber governance controls and evidence arecontinuouslymonitored, validated, andaudit‑ready, with minimal reliance on manual orpoint‑in‑timeprocesses.
Engineers and control owners experiencereduced audit friction, clear expectations, and repeatable governance workflows embedded into standard operating practices.
Leadership hasclear, reliable visibilityintocontrolhealth, risk posture, and remediation progress through consistent, trusted metrics.
Governance automation capabilitiesscale with the businessand adapt quickly to changing regulatory requirements, risk priorities, and technology evolution.
Annual Salary
$110,000.00 - $230,000.00The above annual salary range is a general guideline. Multiple factors are taken into consideration to arrive at the final hourly rate/ annual salary to be offered to the selected candidate. Factors include, but are not limited to, the scope and responsibilities of the role, the selected candidate’s work experience, education and training, the work location as well as market and business considerations.
At this time, GEICO will not sponsor a new applicant for employment authorization for this position.The GEICO Pledge:
Great Company: At GEICO, we help our customers through life’s twists and turns. Our mission is to protect people when they need it most and we’re constantly evolving to stay ahead of their needs.
We’re an iconic brand that thrives on innovation, exceeding our customers’ expectations and enabling our collective success. From day one, you’ll take on exciting challenges that help you grow and collaborate with dynamic teams who want to make a positive impact on people’s lives.
Great Careers: We offer a career where you can learn, grow, and thrive through personalized development programs, created with your career – and your potential – in mind. You’ll have access to industry leading training, certification assistance, career mentorship and coaching with supportive leaders at all levels.
Great Culture: We foster an inclusive culture of shared success, rooted in integrity, a bias for action and a winning mindset. Grounded by our core values, we have an an established culture of caring, inclusion, and belonging, that values different perspectives. Our teams are led by dynamic, multi-faceted teams led by supportive leaders, driven by performance excellence and unified under a shared purpose.
As part of our culture, we also offer employee engagement and recognition programs that reward the positive impact our work makes on the lives of our customers.
Great Rewards: We offer compensation and benefits built to enhance your physical well-being, mental and emotional health and financial future.
