Application Security Engineer
Location:San Francisco, California, US
Additional Location(s)Vancouver, CAN or San Jose
Area of InterestEngineer - Software
Technology InterestSoftware Development, Testing
Who You'll Work With:
The Business Entity
Cisco Cloud Security Group is at the forefront of developing cloud-delivered security needs and challenges of our customers. With an annual revenue exceeding $200M, it is one of the fastest growing businesses at Cisco. As Cisco is transforming its business model aggressively to a software and recurring revenue model, our cloud security business is leading this journey with 100%+ YoY growth in software recurring revenue.
The Cloud Security group focuses on developing cloud delivered security solutions (SaaS based) in a platform centric approach. This group was formed a couple of years ago by combining some of existing cloud assets Cisco had with two hugely successful acquisitions - OpenDNS and CloudLock. Our vision is to build the most complex security solutions in a cloud delivered way with utmost simplicity - disrupt industry's thinking around how deep and how broad a security solution can be while keeping it easy to deploy and simple to manage. We are at an exciting stage of this journey and looking for a passionate, innovative and action-oriented engineering leader to build next-gen cloud security solutions like Cloud Firewall, IPS, IDS etc.
Why is cloud security relevant? Because today's world has changed. The way we work has fundamentally changed. There is more roaming users than ever with rapid growth of BYOD. Business applications have moved to cloud. Enterprise's critical infrastructure has been moving to public/private cloud. At the same time, threat landscape has drastically changed with increased sophistication of attacks. The notion of traditional perimeter based security is being disrupted. Since users, apps and infrastructure have all moved to cloud, security must too. Welcome to the team of geeks passionate about solving this very problem and making world a better place…a secure place.
We have a highly scalable cloud infrastructure spread across 25 data centers where we run our cloud security applications that operate at massive scale - 100B+ requests per day from 65M daily active users.
What You'll Do:
This Core Platform team builds and operates the core applications services and infrastructure that thousands of our customers rely on to manage their dashboard settings including security policy configurations for their respective organizations. This core services includes the backend data access layer, API layer and the DB layer that processes and stores millions of configuration and customer data.
Who You Are:
What skills and experience do you need?
In depth experience performing vulnerability assessments and threat modeling. You know the difference between csrf and xss and you love to share your knowledge with others.
Proficient in deployment, automation and scripting using Terraform, Ansible, Python and Bash.
Experience with AWS. You know how to create AMIs, run instances securely, and architect systems that can withstand partial or total failure.
You know your way around the command line and are close friends with lsof, strace, tcpdump, and their associates.
You know how to release software. You can build Debian packages, publish them to APT repositories, and get them deployed. You also know how to have a rollback strategy in case things don’t go as planned.
Experience running kubernetes clusters and docker containers
Experience building Debian packages using Jenkins for CI/CD pipelines
Familiarity with Prometheus and Datadog for alerting and monitoring
Experience running large databases
We connect everything: people, processes, data, and things. We innovate everywhere, taking bold risks to craft the technologies that give us ability to learn cities, connected cars, and handheld hospitals. And we do it in style with rare personalities who aren’t afraid to change the way the world works, lives, plays and learns.
We are leaders with vision, tech geeks, pop culture aficionados, and we even have a few purple haired rock stars. We celebrate the creativity and diversity that fuels our innovation. We are dreamers and we are doers.
We Are Cisco.
Cisco is an Affirmative Action and Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, national origin, genetic information, age, disability, veteran status, or any other legally protected basis.
Cisco will consider for employment, on a case by case basis, qualified applicants with arrest and conviction records.
Please note this posting is to advertise potential job opportunities. This exact role may not be open today, but could open in the near future. When you apply, a Cisco representative may contact you directly if a relevant position opens.