Security Architect|Risk analysis|Threat modeling|Security code review|8-11years
Area of InterestEngineer - Network
Who We Are
Cisco Cloud Security Group is at the forefront of developing cloud-delivered security needs and challenges of our customers. With annual revenue exceeding $200M, it is one of the fastest-growing businesses at Cisco. As Cisco is redefining its business model aggressively to software and recurring revenue model, our cloud security business is leading this journey with 100%+ YoY growth in software recurring revenue.
The Cloud Security group focuses on developing solutions that provide Security as a Service to our customers. Our vision is to build the most comprehensive security solutions that are both easy to deploy and simple to manage. We are at the initial stages of this journey and looking for hardworking and innovative engineers to help realize this vision. The notion of traditional perimeter-based Security is being disrupted. Since users, apps, and infrastructure have all moved to the cloud, Security must too. Welcome to the team of enthusiasts passionate about solving this very problem and making the world a better place by making it a secure place.
We have a highly scalable cloud infrastructure spread across 25 data centers where we run our cloud security applications that operate at an extensive scale - 100B+ requests per day from 65M daily active users.
What you will do?
Facilitate and lead consistent DevSecOps practices for Cisco Cloud Security organization
Lead threat modeling and security design reviews with engineering teams, provide domain expertise in resolving complex security problems
See opportunities for automation, partner with engineering and security team on implementing automation
Develop and support development of security testing and validation scripting.
Resolve and review resolution of security vulnerabilities as needed.
Improve secure coding practices, application security requirements, automation, training, and metrics
Help to develop relevant application security training for engineering teams
Help to define our penetration testing strategy
Maintain an active understanding of industry practices for secure software development and incident response
Who You Are
You have experience with implementing secure software lifecycle practices within an agile engineering organization. You successfully established relationships with Engineering based on teamwork, empathy, and pursuit of perfection.
You are empathetic and accountable while helping contribute to improve the security program and Cisco customer's trust
Extensive experience in information security and/or IT risk management with a focus on security, performance and reliability
Solid understanding of security protocols, cryptography, authentication, authorization and security
Good working knowledge of current IT risks and experience implementing security solutions
Experience implementing multi-factor authentication, single sign-on, identity management or related technologies
Ability to interact with a broad cross-section of personnel to explain and enforce security measures
Ability to analyze and correlate across large and diverse datasets to provide relevant data points and remediation actions
Demonstrate solid understanding in a few of the following areas: Web Application Security, Cloud Infrastructure, Network Security, Operating system security, and Identity and Access Management
AWS/Public Cloud experience; Security Controls & Tools for AWS Public Cloud Services;
Practical experience working at a global scale, with teams that are remote from each other and often working independently.
Knowledge of Tools: AppScan, BurpsuiteBurpSuite, nmap, ZAP, Qualys
#WeAreCisco, where each person is unique, but we bring our talents to work as a team and make a difference powering an inclusive future for all.
We embrace digital, and help our customers implement change in their digital businesses. Some may think we’re “old” (36 years strong) and only about hardware, but we’re also a software company. And a security company. We even invented an intuitive network that adapts, predicts, learns and protects. No other company can do what we do – you can’t put us in a box!
But “Digital Transformation” is an empty buzz phrase without a culture that allows for innovation, creativity, and yes, even failure (if you learn from it.)
Day to day, we focus on the give and take. We give our best, give our egos a break, and give of ourselves (because giving back is built into our DNA.) We take accountability, bold steps, and take difference to heart. Because without diversity of thought and a dedication to equality for all, there is no moving forward.
So, you have colorful hair? Don’t care. Tattoos? Show off your ink. Like polka dots? That’s cool. Pop culture geek? Many of us are. Passion for technology and world changing? Be you, with us!