65 applicants

Company

Original Job Post

GEICO · 2 days ago

Cyber Defense Engineer

Chevy Chase, MD

Full-time

Hybrid

Senior Level

5+ years exp

Wonder how qualified you are to the job?

Maximize your interview chances

Auto InsuranceFinancial Services

Actively Hiring

Insider Connection @GEICO

Discover valuable connections within the company who might provide insights and potential referrals, giving your job application an inside edge.

Responsibilities

Design and develop sophisticated custom SIEM content, including correlation rules, and anomaly detection algorithms, to elevate threat detection and response capabilities.

Engineer automation solutions using scripting languages such as Python, PowerShell, or Ruby to streamline repetitive tasks, enhance operational efficiency, and accelerate incident response workflows.

Develop and deploy security orchestration, automation, and response (SOAR) platforms, integrating disparate security tools and systems to orchestrate cohesive defense strategies.

Conduct in-depth analysis of cyber threats, vulnerabilities, and attack patterns to inform the creation of robust defensive measures and countermeasures.

Collaborate with cybersecurity analysts and incident responders to design and implement playbooks, runbooks, and automated response actions for rapid incident containment and remediation.

Develop custom cyber security tools, plugins, or applications to extend the functionality of existing security infrastructure, enhance visibility, and strengthen defensive postures.

Lead technical discussions, provide subject matter expertise, and mentor junior team members on advanced cyber defense concepts, techniques, and best practices.

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

Cyber Security EngineeringSIEM Content DevelopmentAutomationTool DevelopmentScriptingProgramming LanguagesPythonPowerShellRubyData StructuresAlgorithmsSoftware Design PrinciplesSIEM PlatformsSplunkElasticsearchQRadarChronicleSecurity OrchestrationSOAR ConceptsSOAR PlatformsDemistoPhantomSwimlaneCyber Security FrameworksMITRE ATT&CKNIST Cybersecurity FrameworkThreat DetectionThreat AnalysisAnalytical SkillsDefensive Strategies

Required

Minimum of 5 years of hands-on experience in cyber security engineering, with a strong focus on SIEM content development, automation, and tool development.

Expert proficiency in scripting and programming languages such as Python, PowerShell, or Ruby, with a deep understanding of data structures, algorithms, and software design principles.

Extensive experience with leading SIEM platforms (e.g., Splunk, Elasticsearch, QRadar, Chronicle), including advanced configuration, customization, and optimization for large-scale enterprise deployments.

In-depth knowledge of security orchestration, automation, and response (SOAR) concepts and technologies, with practical experience deploying and managing SOAR platforms (e.g., Demisto, Phantom, Swimlane).

Familiarity with cyber security frameworks (e.g., MITRE ATT&CK, NIST Cybersecurity Framework) and their application in threat detection, analysis, and response.

Excellent analytical skills with a proven ability to understand complex cyber threats and develop innovative defensive strategies.

Strong communication skills with the ability to articulate technical concepts effectively to both technical and non-technical audiences

Bachelor's degree in Computer Science, Information Security, or a related field; Master's degree preferred.

Benefits

Premier Medical, Dental and Vision Insurance with no waiting period

Paid Vacation, Sick and Parental Leave

401(k) Plan

Tuition Reimbursement

Paid Training and Licensures

Company

GEICO

Glassdoor

2.7

GEICO, Government Employees Insurance Company, has been providing affordable auto insurance since 1936. It is a sub-organization of Berkshire Hathaway.

Founded in 1936

Chase, Maryland, USA

10,001+ employees