Lead Architect, Secure Development Lifecycle Program
Location:RTP, North Carolina, US
Area of InterestInformation Technology
What You'll Do
You will be the lead architect to craft, guide, and evangelize Cisco’s CSDL (Cisco Secure Development Lifecycle) adoption for the Cisco enterprise. You will partner closely with IT, Supply Chain, CX and SSBR groups to make CSDL a reality. You will play a leadership role in assisting these groups in securely architecting/operating their offerings by aligning to the CSDL, industry standard methodologies, compliance and privacy requirements.
You will own and be responsible for building our technical adoption roadmap, identifying and defining CSDL requirements and guiding our automated security validation development.
Position is based in RTP, North Carolina. Relocation expenses can be covered by Cisco for the right candidate.
Who You Are
- You have a proven foundation of security principles of Software Development Lifecycle (SDL). A working knowledge of how various SDL requirements can be applied within the Cisco enterprise.
- You demonstrate strong social and technical interpersonal skills, abilities to influence others at various levels of the company and significant experience working with multiple programs and partners at once.
- You have a good understanding of development automation tools in a CI/CD pipeline and/or DevSecOps practices.
- You have a deep understanding of various classes of security weaknesses and vulnerabilities & also mitigations techniques. You are very familiar with the OWASP top 10.
- You can work reciprocally with diverse partners -- from Executives, Service leads, technical leaders, program managers as well as the development and test communities -- to ensure compliance to CSDL components and track mandatory security requirements.
- You understand and participate in high level design discussions for the purpose of ensuring a common understanding of expectations and deliverables towards adoption by internal customers.
- You have high-level, out-of-the-box thinking, analytical reasoning, and creative problem-solving skills.
- You have exceptional coaching and mentoring skills for technical personnel.
- You have good technical writing and presentation skills.
- You will lead executive briefings, provide Security education, develop training when required and present at Security conferences and events.
- Background in Information Security –or-- Software Development Lifecycle processes.
- Experience developing, automating, managing or driving security-related requirements or measurements to a SDL within an enterprise.
- Security related qualifications (CISSP, CCSP, CCSLP, OWASP, SANS Secure Software Development, CASE)
- Experience in the software development processes with any of the following Cisco organizations: IT (Engineering IT), Engineering BUs, Supply Chain, Customer Experience (Cisco Services) or SSBR.
At Cisco, each person brings their unique talents to work as a team and make a difference.
Yes, our technology changes the way the world works, lives, plays and learns, but our edge comes from our people.
- We connect everything – people, process, data and things – and we use those connections to change our world for the better.
- We innovate everywhere - From launching a new era of networking that adapts, learns and protects, to building Cisco Services that accelerate businesses and business results. Our technology powers entertainment, retail, healthcare, education and more – from Smart Cities to your everyday devices.
- We benefit everyone - We do all of this while striving for a culture that empowers every person to be the difference, at work and in our communities.
Colorful hair? Don’t care. Tattoos? Show off your ink. Like polka dots? That’s cool. Pop culture geek? Many of us are. Be you, with us! #WeAreCisco
Cisco is an Affirmative Action and Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, national origin, genetic information, age, disability, veteran status, or any other legally protected basis.
Cisco will consider for employment, on a case by case basis, qualified applicants with arrest and conviction records.
Keywords: CSDL, SDL, Engineering, DevSecOps, Architect, Security, Continuous Security, OWASP, CCLSP