Location:Vancouver, British Columbia, Canada
Additional Location(s)San Jose
Area of InterestEngineer - Software
Technology InterestSecurity, Software Development, Testing
Our approach is twofold; first Umbrella, our cloud-delivered network security service, blocks advanced attacks including malware, botnets, and phishing threats, while our predictive intelligence engine uses machine learning to automate protection against newly-discovered threats before they can reach our customers. Today, we handle more than 80 billion daily Internet requests from 65 million+ users around the world. Our global network has proven reliability and adds no latency. We protect each and every one of our customers' devices globally without any hardware to install or software to maintain.
Who You Are
As a Security Engineer you are part of a team responsible for maintaining security systems, administering security policies, investigating and recommending security technologies and performing security investigations. In your role, as a Security Engineer, you address the most complex issues and develop recommendations and plans to resolve them. This is a challenging position working in a fast paced environment, with the opportunity to utilize your experience as a subject matter expert to positively influence not only the team objectives, but the business units as well.
Who You'll Work With
Working at Cisco in the Cloud Infrastructure Engineering Security Team means being surrounded by passionate, intelligent and creative people that are determined to disrupt the Internet security industry with innovative ideas, world-class research and unrivaled products and services. It's a place where the best ideas are quickly transformed into products, features, campaigns and company-wide practices, so it won't be long before you witness the results of your hard work. But don't just take our word for it. We've seen nearly 100% year-over-year usage growth.
What You'll Do
In this highly visible role as a Security Engineer, you will:
● Work with teams to build threat models for their products
● Work with InfoSec and software engineering teams to ensure compliance with standard security best practices and internal/external policies
● Drive the Vulnerability Management security charter and conduct Security Reviews with customers and help facilitate Risk Assessment
● Responsible for identifying security related gaps/deficiencies and to formulate and present sound recommendations for remediation
● Improve security processes for vulnerability management & security incident management
● Troubleshoot escalated, extended, or recurring issues, evaluate the impact of current security advisories and publications, support fellow Cisco employees with security advice and guidance
● Collaborate with engineers in CSIRT and InfoSec to enhance, improve, or modify enterprise and cloud (IaaS, SaaS) based security detection and response
● Perform security audits of infrastructure systems security, maintain compliance against vulnerability assessments and oversee penetration testing
● Implement hardening techniques and layered-defense strategies for operating systems, databases, web servers and web services
● Provide technology solutions input and recommendations to address technology issues, working closely with our architects and SME's
● Recommend process improvements and educational programs/trainings
● Strong systems background
● Assessing new technologies as needed to support business objectives
● Regularly view and verify existing metrics to ensure accuracy and quality
● Annotate existing metrics to improve user understanding of the meaning of metrics
● Security As Code – leverage automation and scripting to improve overall security
● Manage, configure, administer and maintain security information and event management tooling and processes surrounding it. Proactively monitor and respond to incoming alerts.
● Working on inquiries and tasks related to data privacy and protection
● Provide on-call escalation operations support for the infrastructure group
● Minimum of two years' experience in one of the following roles: security, system administration or development
● Demonstrated working knowledge and proficiency in security technologies, policies and risk assessment
● Experience with vulnerability management tooling (such as Qualys, Nessus, Nexpose/InsightVM)
● Working knowledge and proficiency in operating systems (particularly Linux)
● Expertise in network and system based attacks and mitigation. network intrusion detection and prevention skills
● Excellent verbal, presentation and written communications skills. Ability to communicate with technical, non-technical, and senior management audiences
● The qualified candidate should have a proven track record working at a global scale of one of the following: implementing security solutions, administering servers or developing software
● Expertise in operating system knowledge/support related to security vulnerabilities
● Provide escalation support for the Infrastructure Group
● Holds industry-specific certifications, including one or more of the following: CCIE (Security), CISSP, CCSP, CISA, CISM, ISSAP or ISSMP
● Experience with penetration testing tools: Kali Linux, BurpSuite, MetaSploit, Acunetix, etc
● Knowledge of security industry standards and certification frameworks such as NIST, FedRamp, ISO and others
● Experience with SIEM systems: LogRhythm/Splunk
● Expertise in scripting/automation (particularly Python)
● Expertise in network-related protocols (e.g. TCP/IP, IPsec) strongly preferred
We connect everything: people, processes, data, and things. We innovate everywhere, taking bold risks to shape the technologies that give us smart cities, connected cars, and handheld hospitals. And we do it in style with unique personalities who aren't afraid to change the way the world works, lives, plays and learns.
We are thought leaders, tech geeks, pop culture aficionados, and we even have a few purple haired rock stars. We celebrate the creativity and diversity that fuels our innovation. We are dreamers and we are doers. We Are Cisco.