Develops and executes security controls, defenses, and countermeasures to intercept and prevent security risks. Follows Cisco Secure Development Lifecycle processes as well as external security processes, as applicable. Performs security assessments that may include vulnerability and risk assessments, threat analysis, and secure configuration and design reviews to identify potential vulnerabilities. Designs and implements security features for products or the cloud, which may include systems, applications, and/or solutions. Researches and evaluates cybersecurity threats and performs root cause analysis, which may involve implementation and deployment of third-party tools. Provides security engineering recommendations and resolves integration and testing issues with Cisco BUs. Determines and implements appropriate security hardening across infrastructure, platforms, and build environments. Builds a standardized set of security product requirements and produces metrics to report performance against those requirements. Detects and mitigates security risks, responds to security incidents, and leads or participates in security architecture and design review meetings.
What You'll Do

• Builds, deploys, and maintains sub-components of a defined security process, tool, or service
• Typically completes small to medium complexity work in support of a defined product, platform, or process
• Stays ahead of on industry trends and Cisco and industry security processes; advises junior security engineers, as needed
• Understands security tools and frameworks as they relate to product, infrastructure, or solution requirements and may contribute to security portions of product specification
• Complete and may contribute to design of security and compliance tests based on defined testing plans
• Helps to identify security gaps and builds out security automation, orchestration, and monitoring capabilities to optimize ongoing testing and response
• May write reports that communicate testing results across teams (e.g., sales, marketing, engineering)
• Monitors outputs of defined security tests
• Analyzes environment and identifies potential risks for review by broader team
• Interprets results from threat reports and works on sustainability solutions
• Runs basic penetration tests in support of the broader team
• Tracks results of pen tests and contributes to interpreting results and remediation reporting
• Supports incident response for security breaches
• Tracks remediation tasks; engages with engineering, product owners, and collaborators to ensure vulnerability management compliance
• Develops and maintains detection rules, alerting logic, and validation processes with minimal guidance
• Performs analysis, validation, testing, and fixing of security controls, tools, and integrations under minimal supervision
• Performs peer review of security configurations, testing outputs, and control implementations
• Designs and implements scalable security automation, monitoring, and enforcement mechanisms to improve reliability and operational efficiency
• Contributes as an expert in secure design principles and understands threat models relevant to systems and features
• Understands and demonstrates technical guidelines and security controls and teams within Cisco
• Solves problems security controls and contributes to changes and updates to address security issues
• Experienced professional using guidelines and knowledge of internal or external business issues to improve products or services
• Works independently, but receives guidance and direction from leader, then determines best approach to accomplish work
• Acts as a resource for colleagues with less experience
• Develops relationships with peer collaborators within and across teams and builds productive working relationships

Minimum Qualifications:

• Bachelors degree.
• + 5 years of related experience or Masters with + 3 years of related experience.
• Requires working knowledge and expanded conceptual knowledge in primary technical job family and broadens capabilities
• Has worked with and is proficient with current technologies.

Why Cisco? 

At Cisco, we’re revolutionizing how data and infrastructure connect and protect organizations in the AI era – and beyond. We’ve been innovating fearlessly for 40 years to create solutions that power how humans and technology work together across the physical and digital worlds. These solutions provide customers with unparalleled security, visibility, and insights across the entire digital footprint.

Fueled by the depth and breadth of our technology, we experiment and create meaningful solutions. Add to that our worldwide network of doers and experts, and you’ll see that the opportunities to grow and build are limitless. We work as a team, collaborating with empathy to make really big things happen on a global scale. Because our solutions are everywhere, our impact is everywhere. 

We are Cisco, and our power starts with you.