Security Consulting Engineer (Full Time) - United States
Location:RTP, North Carolina, US
Additional Location(s)Richardson, Texas - Chicago, Illinois
Area of InterestProfessional Services
Job TypeNew Graduate
Technology InterestInternet of Everything
What You’ll Do
Everything is converging on the Internet, making networked connections more relevant than ever. Our employees have groundbreaking ideas that impact everything imaginable - from entertainment, retail, healthcare, and education, to public and private sectors, smart cities, smart cars, and everyday devices in our homes. Here, that means you’ll take creative ideas from the drawing board to powerful solutions that have real world impact. You’ll collaborate with Cisco leaders, partner with experienced mentors, and develop incredible relationships with colleagues who share your interest in connecting the unconnected. You’ll be part of a team that cares about its customers, enjoys having fun, and you’ll participate in changing the lives of those in our local communities. Come prepared to be inspired.
Who You'll Work With
Let’s change the world together. You will work directly with our customers and gain hands-on experience and exposure into their networks. Be immersed in a small close-knit group of cohorts, to collaborate on several projects that have a real impact. You will be working on network infrastructures, delivering business solutions and technology solutions from data, security, mobility, and the cloud. We will value your ideas on how to get things done, while learning from industry leaders.
What the Security Services Organization Does
Cisco Security Services Organization (SSO) supports customers through the entire lifecycle of a security solution: from understanding business needs to deploying custom solutions, from optimizing existing solutions to developing applications that meets specific needs; from helping customers to maintain their solutions to helping them investigate potential security incidents. In order to effectively support customers offering specialized services with specialized consultants, the SSO is segmented in four areas: Consulting Services, Assessment and Penetration Services, Incident Response Services and Orchestration, Automation and Response (SOAR) Services.
Security Consulting Services
Our Security Consulting Services (SCO) group is distributed across the US. We provide security professionals that can assist our customers with their security challenges, irrespective of the security products they have in their environment (Cisco, or otherwise). Additionally, we offer strategic consulting, aligned with Cisco’s product offerings, to help customers with business case development and product adoption. Our focus in Security Consulting is to help our customers get better at securing their organization and integrating security into their business needs. Our Security Consultants help our customers understand complex security needs by identifying challenges, risks and vulnerabilities in technology, people, and processes. We achieve this through understanding business objectives and how those objectives influence security decisions, developing strategies and roadmaps to address these requirements and providing support to existing programs and projects. Engagements include security program building, developing layered security models, compliance assessments (against various compliance frameworks), implementation planning and much more. Consulting Services is also focused on assisting our clients to use and get the most value from their Cisco security products. We advise our customers to adopt and utilize best in breed Cisco security technologies, using tried and true methodologies for deployment and migration. We focus on aligning our technologies, or mix of technologies, to accomplish our customer’s business goal through a consultative approach. Engagements include building, deploying and optimizing Cisco Security solutions like FirePower, Identity Services Engine, Trustsec and others. https://www.cisco.com/c/en/us/products/security/index.html
Assessment and Penetration Team (APT)
This group is primarily based out of our downtown Chicago, IL office, but with security professionals throughout the US. Consultants in APT Services help our clients address their complex security problems while using our expert knowledge, mature methodologies, and advanced research capabilities. APT takes a technical approach in identifying and mitigating vulnerabilities and threats by emulating real-world attack techniques through red team and social engineering assessments, reverse engineering, application assessment and Secure DevOps reviews, as well as hardware security (including IoT and Connected Car).
Incident Response Services
The Cisco Security Incident Response (IR) Service significantly strengthens a customer’s network and information security resiliency. Using the latest intelligence and standard methodologies, it introduces a process that engages all layers of defense and provides a comprehensive range of capabilities to help organizations prepare, maintain, respond to, and recover from incidents efficiently. If emergency assistance is required, our responders are available within hours for rapid investigation and mitigation of threats virtually and in-person.
Security Orchestration, Automation and Response Services
Security Orchestration is a group of software engineers whose mission is to automate security processes and orchestrate disparate security technologies into holistic solutions that go beyond individual product capabilities. We do this with Cisco and 3rd party products, using any platform to build software-engineered workflows and capabilities. In the course of our work, we regularly touch all the products within our Security portfolio. Concretely, most of our solutions are desktop utilities, portals, integrations, and automate security tasks written in Java (and a few in Python, C#, and Golang) using standard software engineering methodologies such as Agile and Secure Development Life Cycle.
Key Elements of the Roles
- You will attend on-site design and configuration sessions with a Security Consulting mentor
- You will collect requirements from customers for projects to meet critical business goals
- You will work with a team mentor to define the business goals and requirements for integration efforts
- You will identify and support large-scale-design efforts for customer network integrations
- You will configure lab devices with configuration templates or system configurations which will be used in customers’ production implementations
- You will aid in analyzing and designing policy creation for Identity Services, Firepower Intrusion Detection, ASA Firewall Rules, and Catalyst Switch Configurations
- You will analyze customer configurations and provide feedback on possible improvements to the configuration to improve alignment with customer business goals
- You will evaluate customer logs or Netflow data to advise on improvements aligned with their business goals
- You will learn and understand Security Policies, Standards, Procedures and Guidelines
- You will utilize modern Penetration Test techniques (if in the APT group)
- You will gain knowledge about Incident Response methodologies, Table-top exercises, Red/Blue/Purple Teams and how corporates around the world use these tools to decrease the risk and, if necessary, respond to security incidents (if in the IR group)
- You will learn how to use programming languages (Java/Python/C++) and open source automation platforms (Ansible/Chef/Terraform) to develop tailor-made automation capabilities to customers using Cisco application programming interfaces (if in the SOAR group)
Who You Are
- You are a recent graduate or on your final year of studies toward a Bachelor’s or Master’s degree in Computer Science, Computer Engineering, or Information Systems (or equivalent) with software development skill set or interest in Information Security
- You have knowledge of IT systems, networking concepts, TCP/IP protocols, network devices and applications, OSI 7-layer model, or code development
- You have a desire and passion for Information Security and willingness to learn and teach yourself tough concepts
- You are able to work well in small dynamic teams and balance multiple responsibilities
- You have the ability and desire to work on collaborative teams across the US