SRE Security Engineer
Location:San Francisco, California, US
Additional Location(s)Vancouver, Canada Or San Jose, CA
Area of InterestEngineer - Software
Technology InterestSecurity, Software Development, Testing
The Business Entity
Cisco Cloud Security Group is at the forefront of developing cloud-delivered security needs and challenges of our customers. With an annual revenue exceeding $200M, it is one of the fastest growing businesses at Cisco. As Cisco is transforming its business model aggressively to a software and recurring revenue model, our cloud security business is leading this journey with 100%+ YoY growth in software recurring revenue.
The Cloud Security group focuses on developing cloud delivered security solutions (SaaS based) in a platform centric approach. This group was formed a couple of years ago by combining some of existing cloud assets Cisco had with two hugely successful acquisitions - OpenDNS and CloudLock. Our vision is to build the most complex security solutions in a cloud delivered way with utmost simplicity - disrupt industry's thinking around how deep and how broad a security solution can be while keeping it easy to deploy and simple to manage. We are at an exciting stage of this journey and looking for a passionate, innovative and action-oriented engineering leader to build next-gen cloud security solutions like Cloud Firewall, IPS, IDS etc.
Why is cloud security relevant? Because today's world has changed. The way we work has fundamentally changed. There is more roaming users than ever with rapid growth of BYOD. Business applications have moved to cloud. Enterprise's critical infrastructure has been moving to public/private cloud. At the same time, threat landscape has drastically changed with increased sophistication of attacks. The notion of traditional perimeter based security is being disrupted. Since users, apps and infrastructure have all moved to cloud, security must too. Welcome to the team of geeks passionate about solving this very problem and making world a better place…a secure place.
We have a highly scalable cloud infrastructure spread across 25 data centers where we run our cloud security applications that operate at massive scale - 100B+ requests per day from 65M daily active users.
Who You'll Work With:
This Core Platform team builds and operates the core applications services and infrastructure that thousands of our customers rely on to manage their dashboard settings including security policy configurations for their respective organizations. This core services includes the backend data access layer, API layer and the DB layer that processes and stores millions of configuration and customer data.
Who You Are:
In depth experience performing vulnerability assessments and threat modeling. You know the difference between csrf and xss and you love to share your knowledge with others.
Proficient in deployment, automation and scripting using Terraform, Ansible, Python and Bash.
Experience with AWS. You know how to create AMIs, run instances securely, and architect systems that can withstand partial or total failure.
You know your way around the command line and are close friends with lsof, strace, tcpdump, and their associates.
You know how to release software. You can build Debian packages, publish them to APT repositories, and get them deployed. You also know how to have a rollback strategy in case things don’t go as planned.
Experience running kubernetes clusters and docker containers
Experience building Debian packages using Jenkins for CI/CD pipelines
Familiarity with Prometheus and Datadog for alerting and monitoring
Experience running large databases
What You'll Do:
Deploy and maintain our infrastructure in a 24x7 production environment
Collaborate with team members to design distributed, highly available systems.
Debug systems and performance issues. Dive into the hard things that others can’t
Assess the security of our core app, recommend improvement opportunities, drive remediation effort
Help us integrate security at all phases of the development process by reviewing vulnerability tests and other internal and external assessments, remediate items, provide feedback and coaching to Product and Dev teams
Work with other security advocates in the organization to drive adoption of standards, and build tools to make developers lives easier and our products more secure.
Perform vulnerability assessments, threat modeling and routine security posture reviews
Help your team deliver the most secure platform that can achieve the highest level of security certifications
We connect everything: people, processes, data, and things. We innovate everywhere, taking bold risks to shape the technologies that give us smart cities, connected cars, and handheld hospitals. And we do it in style with unique personalities who aren't afraid to change the way the world works, lives, plays, and learns.
Why Cisco Cloud Security
Cisco Cloud Security enables you to securely adopt the cloud and better manage security for the way the world works today. It protects users against threats anywhere they access the internet and secures your data and applications in the cloud. You can also leverage the cloud to enhance security through simplified policy management and dynamic threat intelligence. With Cisco Cloud Security, you gain complete visibility into internet activity across cloud applications, all office locations, and roaming devices, plus faster threat detection and response. Cisco Cloud Security provides an effective security platform that is open, automated, and simple to use. And it’s backed by industry-leading threat information delivered by the Cisco Talos security intelligence and research group.
We Are Cisco!