GEICO is seeking an Identity and Access Leader to provide strategic and technical direction for both Identity and Access security domains. This transformational leadership role is a Cyber Security leadership role that some may think this is a unicorn. We are looking for the right person to guide a team in these critical security disciplines to adopt industry best of class principles and controls while achieving high user adoption via a low friction usage strategy. This role will require experience in identifying and guiding the implementation and operation of industry leading identity systems and secure access service edge solutions.

You will proactively and holistically drive, lead, and support security activities that guide the vision, strategy and validation of our people. You will help drive our insurance business transformation as we transition from a traditional IT Security model to a tech organization with engineering excellence as its mission, while co-creating a culture of leveraging security to enable the business while protecting against the latest threats.

Our leaders work with other leaders and engineers to innovate and drive new systems, improve security, and enhance existing systems while also identifying new opportunities to apply an offensive security mindset to solve critical problems at a rapid pace. You will lead the vision and execution of a technical roadmap that will raise the bar. The ideal candidate has deep technical expertise in these domains and a proven track record in building teams that transform organizations.

As a security leader of identity and access, you will: 

Establish strong partnerships with other leaders across all aspects of the organization, including product managers, team members, engineering leaders, and executives to solve complex problems with minimal business impact.
Effectively socialize complex security concepts to all levels of the organization in relatable ways, emphasizing standards and fairly describing risks, while empathizing with the listeners’ needs.
Establishment and deliverance of roadmaps for identity-related strategies, secure access models, and SaaS security. Be a visionary.
Must be open and motivated to bring change where needed yet see and support the good that is already there.
Develop a team of highly skilled transformers who rally together to share a common vision and strategy for the next generation of the identity and access services in the company.
Influence and educate leadership at all levels to bring a security minded approach to difficult challenges balancing usability and security with creative and innovative solutions.
Proactively identify opportunities to enhance security measures, streamline processes, and optimize tooling to fortify our environment against emerging threats.
Develop and implement policies, standards, and guidelines to ensure compliance with industry regulations and frameworks, promoting security as an integral part of our operation and partner with external teams and their leadership to implement.
Provide impactful demonstrations and communicate the value of our security measures to the business, highlighting the positive impact on efficiency, customer trust, and overall success.
Apply your experience in least privileged access and Zero Trust Network Access across users, systems, and public presentation of company data and communication. Ensure these philosophies are universally applied across all levels of the infrastructure and applications in service.
Enforce identity and access management practices and incorporate multi-factor authentication and identity verification mechanisms to strengthen access controls.
Oversee the administration of VPN access, implementing secure connectivity solutions for both remote and on-site operations.

Qualifications

Extensive experience in transformation leadership roles, with a strong business enablement mindset.
Experience communicating and presenting to senior staff with the ability to influence stakeholders.
Experience in a multi-platform environment with Linux, Mac, Windows.
Extensive experience in industry-standard security tools, frameworks, and best practices for: IGA, ITDR, IAM, SASE/SSE, NGFW, and CIS, NIST.
Experience with multiple IaaS platforms from top tier providers and best practices for securing identity and access.
Ability to excel in a fast-paced, startup-like environment.
Strong background in robust zero trust network architecture, implementing continuous verification-based access controls to bolster overall network security.
Deep experience in implementing Secure Access Service Edge (SASE) principles and orchestrating the integration of network security with identity.
Historical evidence of delivering automation at scale for improving the user experience while removing barriers for our users.
History of documenting policies, standards and defending security controls in a regulated environment.

Experience

• 10+ years in a dedicated security leadership role, preferably in the tech industry influencing company direction on security.

• 5+ years of designing and managing modern secure access solutions (sase, sse) either building or leveraging top partners (Netskope, Zscaler, Prisma).

• 5+ years of experience in identity related technologies and protocols (saml, scim, ldap, radius, etc) and in identity provider services and technologies (Microsoft Entra, Active Directory, AWS IAM, Okta, OpenLDAP, etc).

• 3+ years of experience with Identity Governance Administration services (Sailpoint, Saviynt, similar)

• 3+ years of experience applying security controls to exceed third party attestation requirements (PCI, SOC, …).

• 4+ years of experience with AWS, GCP, Azure, or other cloud providers.

• 3+ years of hands on experience in privileged access management tools and services (BeyondTrust, CyberArk, Delinia, etc).

• 3+ years of enterprise security architect experience.

Annual Salary

$150,000.00 - $300,000.00

The above annual salary range is a general guideline. Multiple factors are taken into consideration to arrive at the final hourly rate/ annual salary to be offered to the selected candidate. Factors include, but are not limited to, the scope and responsibilities of the role, the selected candidate’s work experience, education and training, the work location as well as market and business considerations.

At this time, GEICO will not sponsor a new applicant for employment authorization for this position.

Benefits:

As an Associate, you’ll enjoy our Total Rewards Program* to help secure your financial future and preserve your health and well-being, including:

Premier Medical, Dental and Vision Insurance with no waiting period**
Paid Vacation, Sick and Parental Leave
401(k) Plan
Tuition Reimbursement
Paid Training and Licensures

*Benefits may be different by location. Benefit eligibility requirements vary and may include length of service.

**Coverage begins on the date of hire. Must enroll in New Hire Benefits within 30 days of the date of hire for coverage to take effect.

The equal employment opportunity policy of the GEICO Companies provides for a fair and equal employment opportunity for all associates and job applicants regardless of race, color, religious creed, national origin, ancestry, age, gender, pregnancy, sexual orientation, gender identity, marital status, familial status, disability or genetic information, in compliance with applicable federal, state and local law. GEICO hires and promotes individuals solely on the basis of their qualifications for the job to be filled.

GEICO reasonably accommodates qualified individuals with disabilities to enable them to receive equal employment opportunity and/or perform the essential functions of the job, unless the accommodation would impose an undue hardship to the Company. This applies to all applicants and associates. GEICO also provides a work environment in which each associate is able to be productive and work to the best of their ability. We do not condone or tolerate an atmosphere of intimidation or harassment. We expect and require the cooperation of all associates in maintaining an atmosphere free from discrimination and harassment with mutual respect by and for all associates and applicants.