Cisco

• The successful applicant will be performing work on US Government classified environments, and therefore, must be a U.S. Person (i.e., U.S. citizen, U.S. national, lawful permanent resident, asylee, or refugee). This position may also perform work that the U.S. government has specified can only be performed by a U.S. citizen on U.S. soil.

In today's dynamic digital environment, security is everyone's job. At Cisco, the Security and Trust Organization (S&TO) is at the core of making infrastructure more secure. Your involvement in this strategic and result-oriented team will enable you to be part of one of Cisco's major objectives - to be the Number 1 Trusted Business partner to our customers. The S&TO reports to Cisco's Chief Security and Trust Officer and owns the innovation, training, and implementation of security and trust features and processes across all of Cisco's products.

What you'll do:

• Responsible for defining and implementing the build, deployment, and monitoring standards
• A part of Agile development teams to deliver an end-to-end automation of deployment, monitoring, and infrastructure management in a cloud environment.
• Build and configure delivery environments supporting CD/CI tools using an Agile delivery methodology.
• Work together with vendors and other IT personnel for problem resolution.
• Evaluate application performance, identify potential bottlenecks, develop solutions, and implement them with the help of developers.
• Create and maintain documentation as it relates to security policies, procedures, incidents, audits, designs/configurations, processes, and requirements. Evaluate, select, design, and configure security infrastructure systems in a global environment.
• Identify, integrate, monitor, and improve InfoSec controls by understanding business processes.
• Work in support of the Security Architect enhancing the security direction for the organization including systems, networks, user services and vendor development efforts.
• Assist in defining security requirements and review of system to determine if they have been designed to comply with established security standards. Develop new standards as necessary.
• Raise awareness on secure development best practices with internal security champions.
• Advises senior management by identifying critical security issues, recommending risk-reduction solutions, evaluate incidents and determine course of action.

Who you are:

• An individual contributor with security first mindset, who will be effective in delivering results, assume personal responsibility for achieving outcomes and work effectively with little direction.
• Demonstrated experience with secure development, coding, engineering practices.
• Strong scripting skills, including shell, Python, Groovy, etc;
• Hands on experience with CICD pipeline technologies like Jenkins pipelines, GitHub actions, Azure DevOps CICD, and similar.
• Understanding of Cloud based solutions (AWS, Azure, Google Cloud) and capabilities for automation (Terraform etc.) including security/resource groups and identity access management (IAM) with in the Cloud.
• Familiarity with containers technologies such as Docker/K8s/EKS/AKS.
• Awareness of tools used to check and monitor software standards: OWASP, Qualys, Tenable, Github Security, Nessus, and similar.
• Awareness of monitoring, metrics, and observability platform technologies like Datadog, Dynatrace, New Relic, Splunk, Sumo, Prometheus, Elastic, Zabbix, or Nagios.
• Familiarity with JFrog Artifactory or Sonatype Nexus usage, administration, and deployment architecture.
• Key understanding of core Information Security Areas (ID & ACCESS Management, Threat & Vulnerability Management, Information Risk & Governance, Network and Application Architecture, Incident Response, Security Strategy, intrusion detection and response, secure software development, security architecture, security engineering, and IT compliance) in Cloud technology platforms like AWS, GCP, Azure or similar.
• Experience working with industry standard information security and control frameworks (NIST Cyber Security Framework, 800-53, etc.)

Why Cisco?

#WeAreCisco. We are all unique, but collectively we bring our talents to work as a team, to develop innovative technology and power a more inclusive, digital future for everyone. How do we do it? Well, for starters - with people like you!

Nearly every internet connection around the world touches Cisco. We’re the Internet’s optimists. Our technology makes sure the data traveling at light speed across connections does so securely, yet it’s not what we make but what we make happen which marks us out. We’re helping those who work in the health service to connect with patients and each other; schools, colleges, and universities to teach in even the most challenging of times. We’re helping businesses of all shapes and sizes to connect with their employees and customers in new ways, providing people with access to the digital skills they need and connecting the most remote parts of the world - whether through 5G, or otherwise.

We tackle whatever challenges come our way. We have each other’s backs, we recognize our accomplishments, and we grow together. We celebrate and support one another - from big and small things in life to big career moments. And giving back is in our DNA (we get 10 days off each year to do just that).

We know that powering an inclusive future starts with us. Because without diversity and a dedication to equality, there is no moving forward. Our 30 Inclusive Communities, that bring people together around commonalities or passions, are leading the way. Together we’re committed to learning, listening, caring for our communities, whilst supporting the most vulnerable with a collective effort to make this world a better place either with technology, or through our actions.

So, you have colorful hair? Don’t care. Tattoos? Show off your ink. Like polka dots? That’s cool. Pop culture geek? Many of us are. Passion for technology and world changing? Be you, with us! #WeAreCisco

#sto24