Location:RTP, North Carolina, US
Alternate LocationSan Jose, California, US
Area of InterestEngineer - Network
Compensation Range121600 USD - 167800 USD
Technology InterestCloud and Data Center, Security
Cisco's Security Visibility and Incident Command (SVIC) forms part of the detection, compliance, monitoring & response branch of Cisco's Security and Trust Organization (S&TO). We provide Cisco with security threat detection, compliance monitoring, vulnerability discovery and response services in order to protect Cisco from attacks, abuse, reputational harm and the loss of its intellectual assets. The primary mission of SVIC is to help ensure enterprise, system, and data risk management by performing comprehensive investigations into cyber security incidents, and to assist in the prevention of such incidents by either compliance or engaging in dedicated threat assessment, mitigation planning, incident trend analysis, and security architecture review. We are a highly-functioning, diverse, and globally distributed group of outstanding professionals from various technical backgrounds.
What you’ll do
Cisco’s Security Visibility and Incident Command team is looking for a Security Architect focused on Vulnerability Scanning with extensive experience developing for cloud technologies such as Amazon Web Services (AWS), Google Cloud Platform (GCP), Azure and private clouds with working experience with Kubernetes and Docker and Vulnerability Scanning technologies such as Tenable, Qualys and Rumble.
This will be a hands-on role supporting the Vulnerability Management Operations Program. The candidate is expected to perform security audit functions to scan, identify, validate, and remediate security vulnerabilities. This includes designing and deploying vulnerability identification programs and providing remediation guidance to the end users
Roles & Responsibilities
- Establish security requirements for cloud-based and onPrem solutions by evaluating business strategies and requirements, researching infrastructure security standards such as ISO 27000 series, NIST CSF, and CSA
- Provide domain expertise in both public and private cloud and enterprise technology
- Participate, lead and jointly deliver security evaluation reports on cloud providers (Azure, AWS,GCP) and cloud native platforms (Docker and Kubernetes) and onPrem environments
- Continually evaluate new threats in the cloud and on Prem, to identify the impact on IT and Business and to develop and implement security controls
- Provide recommendations for improvement and risk reduction by assessing clients’ Security Vulnerability posture
The ideal candidate must enjoy working in a fast-paced environment with a proactive, “take-charge” / “can-do” attitude and is able to demonstrate flexibility and resiliency. Successful candidate must be self-sufficient and be able to work with minimal supervision. Work with geographically distributed teams across different time zones. Works with cross-functional teams to create solutions for automatic deployment of Infosec team’s security products
- Strong understanding of vulnerability management and security testing practices and methodologies.
- 3+ years of experience working with any industry standard scanning tool in (eg. Qualys, Nessus, AppScan etc.)
- Experience using common security testing and analysis tools (Metasploit, Kali, Wireshark)
- Knowledge and understanding of key differences between most popular cloud provider (e.g. Azure, AWS, GCP, Open Stack, Pivotal Cloud Foundry, BOSH, Kubernetes, Docker )
- Expert knowledge of system, application, and database hardening techniques and practices.
- Understanding of Industry trends in cloud technologies for public, private and hybrid cloud deployments
- Strong domain expertise of cloud infrastructure compute, network and storage as well as the cloud control plane
- Knowledge of virtualization, containers, service-mesh and enterprise service business
- Experience with structured Enterprise Architecture practices, hybrid cloud deployments, and on-premise-to-cloud migration deployments
- Ability to identify and drive remediation of Security Vulnerabilities
When available, the salary range posted for this position reflects the projected hiring range for new hire salaries in U.S. locations. For non-sales roles, the hiring ranges reflect base salary and do not include bonuses, equity, or benefits. Hiring ranges for sales positions include base and incentive target, and do not include equity or benefits. Individual pay is determined by the candidate's hiring location and additional factors, including but not limited to skillset, experience, and relevant education, certifications or training. Applicants may not be eligible for the full salary range based on their U.S. hiring location. The recruiter can share more details about compensation for the role in your location during the hiring process.