Security Engineer

  • Location:
    San Jose, California, US
  • Area of Interest
    Engineer - Software
  • Job Type
  • Technology Interest
    Internet of Everything
  • Job Id
Please note this posting is to advertise potential job opportunities. This exact role may not be open today, but could open in the near future. When you apply, a Cisco representative may contact you directly if a relevant position opens.

Who We Are

The Cisco IoT business group is a global leader in IoT. Our IoT software and hardware portfolio include Cisco IoT Control Center - IoT cellular connectivity management platform, IoT gateways, industrial switching, routing & wireless solutions, Edge, Smart Cities, data management platforms and more. With these, we are positioned to accelerate IoT growth on a global scale – for ourselves, our partners and our customers. We are looking for a Senior Software UI Engineer for our IoT engineering team.

What You'll Do

The Internet is becoming the “Internet of Everything”, and “Things” are driving an explosion in the number of connected devices as well as the volume of data: The “Internet of Things” or “IoT”. Cisco's industry-leading, cloud-based IoT platform enables companies of all sizes to rapidly and cost-effectively launch, manage and monetize IoT services on a global scale. We are building a world-class team to build next generation IoT Software Platform.

Roles and Responsibilities:

  • As a Security Technical Lead, you will be responsible to define and implement the security frameworks for the product.
  • Help define consistent Secure Software Development Life-cycle practices for Cisco Cloud Security.
  • Improve secure coding practices, application security requirements, automation, training, and metrics.
  • Define a framework for security design reviews. Integrate threat modelling practices into the Software Development Lifecycle.
  • Help to develop relevant application security training for Engineering.
  • Manage cross-functional internal and external team collaboration, evangelization, and communications.
  • Lead and mentor colleagues with your expertise and knowledge.
  • Maintain active understanding of industry practices for secure software development and incident response.
  • Worked on Agile Teams using continuous development and deployment process
  • You care deeply about product security, quality and user impact.

Who You Are

  • Bachelor Degree in Computer Science, M.S. preferred - or equivalent experience with security technologies
  • 10+ years of experience in cybersecurity (AppSec, Architecture, Security Framework development etc.)
  • Hands-On Experience with one or more programming languages (Java, C, UI Frameworks etc.)
  • Deep understanding of OWASP Top 10 and CWE 25; with proven track record and experience in implementing and integrating remediation strategies
  • Knowledge of network protocols, cryptography, PKI, security threats, attack techniques, evasive techniques, detection and prevention methods
  • Demonstrable experience in producing, documenting, and explaining layered architectural diagrams and topology diagrams with an emphasis on security & data protection details
  • Knowledge of authentication protocols, authorization standards and crypto primitives (TLS, OAuth, SAML, JWT, etc)
  • Experience with static analysis scans, run time scans and fuzz testing tools
  • Familiarity with microservice architecture, Jenkins, Docker, Kubernetes, AWS
  • Experience in web application design, penetration testing, application risk assessment and risk categorization
  • Experience with driving and implementing secure development practices in to SDLC (SSDLC); ability to successfully integrate security in a DevOps environment
  • Ability to effectively present and communicate security threats and risks to any audience and impress upon them the mitigation techniques and strategies

We Are Cisco

#WeAreCisco, where each person is unique, but we bring our talents to work as a team and make a difference. Here’s how we do it.

We embrace digital, and help our customers implement change in their digital businesses. Some may think we’re “old” (30 years strong!) and only about hardware, but we’re also a software company. And a security company. An AI/Machine Learning company. We even invented an intuitive network that adapts, predicts, learns and protects. No other company can do what we do – you can’t put us in a box!

But “Digital Transformation” is an empty buzz phrase without a culture that allows for innovation, creativity, and yes, even failure (if you learn from it.)