Cloud Security Engineer
Location:San Jose, California, US
Area of InterestEngineer - Software
Technology InterestCloud and Data Center
What You'll Do
You are deeply motivated Cloud Security Engineer with background in Cloud and Container security. This is a hands-on role that requires a high degree of technical security expertise within the cloud and automation ecosystem (IaaS , PaaS and SaaS). You will be responsible for security related tasks, including the implementation of security automation and incorporating security in from the start or "shifting left." Your responsibilities will include performing continuous assessments of security architecture, making practical recommendations to reduce risks, and then help realize the change, as well as the prevention and remediation of security vulnerabilities within cloud platforms using existing or new solutions. This can only be accomplished by a candidate with substantial real-world experience actually building, deploying and operating distributed systems using cloud technologies.
Who You'll Work With
Cisco is transforming the networking industry. To make this happen, we are heavily investing in team responsible for The Network. Intuitive. We are disrupting the industry by building a new networking platform that can learn, adapt, and secure itself at the speed of today’s businesses. This Digital Network Architecture platform automates network management and provides our customers with state-of-the-art analytics and insights. This team's innovations span artificial intelligence, machine learning, analytics, IoT, security, automation, and more.
Who You Are
In addition to day-to-day cloud security tasks, you will be responsible for security program maturity efforts, strategic thinking, and initiatives related to cloud. You will work with the Product and Information Security teams to help establish and maintain cloud security processes and ensure that security issues are identified and addressed.
- Assess, design, implement, automate, and document security solutions and processes for K8s, Public and Private Cloud environments, SaaS applications and other cloud platforms
- Work with platform engineers on secure best practices in Infrastructure as Code, cloud design patterns and CI/CD with built in application security controls
- Work on key areas to develop baseline cloud, container, and application security standards and integrate into the CI/CD pipeline
- Implement security architecture, methods, and controls required to meet security, compliance, and audit requirements
- Implement "security as code" using cloud services and CI/CD components as necessary
- Customize cloud compliance tools to meet operational, audit and risk based needs
- Respond to and, when appropriate, resolve or escalate security incidents
- Develop and maintain documentation for security systems and procedures
- Investigate and resolve security violations by providing postmortem analysis to illuminate the issue, and identify causes, possible solutions, and preventative measures
What You'll Need
- Minimum 4 years of experience as a Security Engineer or equivalent working experience
- Significant technical experience in Cloud Computing technologies and automation
- Ability to break down complex problems and implement custom solutions or scripts beyond just basics to demonstrate thoroughness of problem solving and automated security
- Experience in DevOps environments working with and influencing developers to maintain security through CI/CD processes.
- Experience working with container technologies including Docker and Kubernetes
- Experience with the development, deployment, and automation of security solutions in an enterprise cloud based environment
- Knowledge of network based, system level, and application layer attacks and mitigation methods
- Knowledge of technical security control environments and compliance frameworks including CSA CCM, ISO 27017
- Experience with or understanding of a broad range of security technologies including, SAST, IDS/IPS, IAM, Certificate Management, etc.
- Strong knowledge of technology and security topics including network and application security, infrastructure hardening, security baselines, web server, and database security
- An understanding of identity federation, authentication and authorization (SAML, OIDC, OAuth)
- Bachelor's Degree or equivalent working experience
- Any recognized security and cloud-specific certifications, e.g., CCSP, SSCP, CISSP, AWS, Azure Certification, Google Cloud Certification
- Knowledge of BC & DRP programs including risk assessment, BIA, remediation, and staging exercises
- Exposure to FedRAMP, SSAE16 SOC 2, PCI DSS
At Cisco, each person brings their unique talents to work as a team and make a difference. Yes, our technology changes the way the world works, lives, plays and learns, but our edge comes from our people.
We connect everything – people, process, data and things – and we use those connections to change our world for the better.
We innovate everywhere - From launching a new era of networking that adapts, learns and protects, to building Cisco Services that accelerate businesses and business results. Our technology powers entertainment, retail, healthcare, education and more – from Smart Cities to your everyday devices.
We benefit everyone - We do all of this while striving for a culture that empowers every person to be the difference, at work and in our communities.