As a Distinguished Engineer, you will collaborate with our Sr Staff, Staff, and Sr. Engineers to innovate and construct new systems, enhance existing ones, and discover fresh opportunities to apply your specialized knowledge in data security to resolve critical issues. You will spearhead the strategy and execution of a technical roadmap that accelerates product delivery and unlocks new engineering capabilities. Your leadership will be crucial in the design, implementation, and maintenance of a robust Encryption and Tokenization platform, ensuring the protection of sensitive data throughout the organization.
Position Responsibilities
Lead the development and execution of encryption, tokenization and key management platforms, solutions and strategies across the enterprise.
Ensure the quality, usability, and performance of the encryption and tokenization platform including ensuring high availability, disaster recovery, and auditable logging
Influence and educate leadership on the importance of secure data protection and key management practices
Collaborate across enterprise teams, including compliance, security and data governance teams to ensure cryptographic products are compliant to company policies
Stay updated on emerging trends in cryptography and apply this knowledge to enhance data protection strategies
Provide technical guidance and mentorship, fostering a culture of innovation and continuous improvement
Collaborate with cross-functional teams to integrate data protection (encryption and tokenization) solutions seamlessly with organizational goals
Build resilient and scalable key management systems architectures, driving innovation and cost efficiency.
Qualifications
Strong understanding of cryptographic encryption/tokenization and Key Management System.
Demonstrated experience in designing and implementing resilient, scalable, and efficient solutions for data at rest encryption using open-source cryptography libraries and encryption/tokenization protocols (FPE, AEAD etc.)
Strong software engineering skills (experience with Go preferred)
Knowledge of key management, Google Tink, PKCS11, JCE , OpenSSL and other crypto libraries
Experience with PostgreSQL including its native replication mechanisms
Strong problem-solving abilities with a proactive approach to security risk mitigation
Strong expertise with site reliability engineering practices and operational excellence - Implementing and utilizing infrastructure observability and monitoring tools (Grafana, Prometheus, OpenTelemetry, eBPF)
Building and evolving CI/CD tools and pipelines (Bazel, Terraform, Argo CD/Workflows/Rollouts)
Excellent communication skills for conveying technical concepts to diverse stakeholder
Experience with Data Protection and Key Management System within large-scale, distributed environments
Knowledge of industry standards and regulations related to Key Management Systems, Cryptography, Encryption and Tokenization
Ability to lead and execute encryption, tokenization and key management projects from conception to deployment
Familiarity with hardware security modules (HSM) and Cryptography Standards
Experience
10+ years in security engineering with a focus on Data Encryption, Tokenization, Key Management Systems, Cryptography, and security engineering
8+ years in security, encryption, architecture, and design
6+ years with open-source frameworks related to security
4+ years with cloud services and their security aspects, preferably with experience in AWS, GCP, Azure.
Education
Bachelor’s degree in computer science, Information Systems, or equivalent with a focus on security and cryptography
Annual Salary
$130,000.00 - $300,000.00The above annual salary range is a general guideline. Multiple factors are taken into consideration to arrive at the final hourly rate/ annual salary to be offered to the selected candidate. Factors include, but are not limited to, the scope and responsibilities of the role, the selected candidate’s work experience, education and training, the work location as well as market and business considerations.
Benefits:
As an Associate, you’ll enjoy our Total Rewards Program* to help secure your financial future and preserve your health and well-being, including:
Premier Medical, Dental and Vision Insurance with no waiting period**Paid Vacation, Sick and Parental Leave401(k) PlanTuition ReimbursementPaid Training and Licensures*Benefits may be different by location. Benefit eligibility requirements vary and may include length of service.
**Coverage begins on the date of hire. Must enroll in New Hire Benefits within 30 days of the date of hire for coverage to take effect.
The equal employment opportunity policy of the GEICO Companies provides for a fair and equal employment opportunity for all associates and job applicants regardless of race, color, religious creed, national origin, ancestry, age, gender, pregnancy, sexual orientation, gender identity, marital status, familial status, disability or genetic information, in compliance with applicable federal, state and local law. GEICO hires and promotes individuals solely on the basis of their qualifications for the job to be filled.
GEICO reasonably accommodates qualified individuals with disabilities to enable them to receive equal employment opportunity and/or perform the essential functions of the job, unless the accommodation would impose an undue hardship to the Company. This applies to all applicants and associates. GEICO also provides a work environment in which each associate is able to be productive and work to the best of their ability. We do not condone or tolerate an atmosphere of intimidation or harassment. We expect and require the cooperation of all associates in maintaining an atmosphere free from discrimination and harassment with mutual respect by and for all associates and applicants.