Value Chain Security Engineer

  • Location:
    Offsite, RTP, North Carolina, US
  • Alternate Location
  • Area of Interest
    Engineer - Hardware
  • Compensation Range
    121600 USD - 167800 USD
  • Job Type
  • Technology Interest
  • Job Id

Who We Are

Cisco’s Trust Transformation Office (TTO) plays a leading role in understanding customer needs for security, privacy, data protection, and customer data management. TTO advises, supports and collaborates with customers, Cisco Sales, Engineering, Government Affairs and Legal to build industry leading trust and visibility. On this team you will help shape the strategic direction of networks, security, collaboration, and applications. Together, we will help to build a better and more secure internet and help to define the future of trust. Within TTO, you will be part of the Value Chain Security Team which governs the Value Chain Security Architecture (VCSA) across Cisco’s Supply Chain.

Value Chain Security (VCS) Team’s mission is to govern the embedding of pervasive and layered security and privacy at every lifecycle stage (Design, Plan, Source, Make, Quality, Delivery, Sustain, End of Life) of Cisco’s products and offers (hardware, software, SaaS, applications) to protect our customers. VCSA applies industry standards to build and implement controls that ensure Cisco’s products and offers meet market needs and establish Cisco as an industry leader in all aspects of supply chain security.

VCSA mitigates security threats to our products, offers and third-party ecosystem: specifically, threats of manipulation, espionage, and disruption by delivering unified risk management and practical insights that protects and positions Cisco as the most trusted brand.

What You Will Do

  • Drive anti-counterfeit technology validation during product development processes.
  • Lead data protection efforts for manufacturing and product data as it flows into third party ecosystems.
  • Ensure security controls are deployed into product development to include granular access control, threat modeling, encryption, and data flow visibility.
  • Drive chain of custody integrity efforts from engineering to manufacturing.
  • Lead implementation of tools and processes to ensure data flow is integrity through product development lifecycle.
  • Identify and assess potential risks and vulnerabilities within the product development lifecycle.
  • Standard processes, documentation, and drive overall consistency.
  • Develop strategies and solutions to mitigate potential security threats.
  • Keep up to date with the latest product security technologies and trends.
  • Work closely with product development teams to integrate security measures into product designs.
  • Participate in the creation and enforcement of hardware security policies and procedures.

Who’s on Your Team

"It starts with Trust!" There has never been a better time to be a member of the Security & Trust Organization (S&TO) at Cisco. The company, customer and shareholders are increasingly aware of the role security, trust, data protection and privacy play in achieving impactful business objectives. Security is not only imperative to mitigating cyber risk, but also a key pillar of Cisco’s differentiation in the market. Trust is an accelerator for our customers that allows innovation and success to happen at the speed the market demands.

Within S&TO, the Cisco Trust Office plays a leading role in understanding customer needs for security, privacy, data protection, and customer data management, informing, supporting, and collaborating with customers, Cisco Sales, Engineering, Government Affairs and Legal to build industry leading Trust and clarity.

Who You Are

You have energy and passion for cyber security and supply chain understanding and using analytic methodology and rigor, and critical thinking are not only your strengths but a part of your normal process in approaching a topic or problem. You grasp the details of business and technology and can sit down with senior technical leaders and guide the discussion to capture, curate and frame their insights into compelling analysis. Beyond that, you want to roll up your sleeves in world-class cyber security organization and engage, shape and influence the direction of Cisco.

Minimum Qualifications:

  • Bachelor's degree in Computer Science, Electrical Engineering, or a related field.
  • 3-5 years’ experience with hardware security / trustworthy technology mechanisms such as Trusted Platform Modules (TPM), secure boot, and hardware roots of trust.
  • Understanding of cryptographic principles and secure communication protocols.
  • Knowledge of security standards and frameworks relevant to hardware security.
  • Proven experience in hardware design and analysis
  • Familiarity with common hardware vulnerabilities and attack vectors, including side-channel attacks, fault injection, and reverse engineering.
  • Solid grasp of hardware security technologies, standard methodologies, and techniques.
  • Excellent problem-solving skills and the ability to work under pressure.
  • Strong written and verbal communication skills.

Preferred Qualifications:

  • A Master's degree or relevant professional certification will be an added advantage.
  • Experience with hardware design tools and software such as CAD tools for PCB design, FPGA programming tools, or simulation tools.
  • A deep understanding of the hardware lifecycle, from design to deployment and decommissioning.
  • Experience with embedded systems and microcontrollers.
  • Familiarity with compliance and regulatory requirements that impact hardware security, such as FIPS, Common Criteria, or specific industry standards.

Why Cisco?

#WeAreCisco. We are all unique, but collectively we bring our talents to work as a team, to develop innovative technology and power a more inclusive, digital future for everyone. How do we do it? Well, for starters – with people like you!

Nearly every internet connection around the world touches Cisco. We’re the Internet’s optimists. Our technology makes sure the data traveling at light speed across connections does so securely, yet it’s not what we make but what we make happen which marks us out. We’re helping those who work in the health service to connect with patients and each other; schools, colleges, and universities to teach in even the most challenging of times. We’re helping businesses of all shapes and sizes to connect with their employees and customers in new ways, providing people with access to the digital skills they need and connecting the most remote parts of the world – whether through 5G, or otherwise.

We tackle whatever challenges come our way. We have each other’s backs, we recognize our accomplishments, and we grow together. We celebrate and support one another – from big and small things in life to big career moments. And giving back is in our DNA (we get 10 days off each year to do just that).

We know that powering an inclusive future starts with us. Because without diversity and a dedication to equality, there is no moving forward. Our 30 Inclusive Communities, that bring people together around commonalities or passions, are leading the way. Together we’re committed to learning, listening, caring for our communities, whilst supporting the most vulnerable with a collective effort to make this world a better place either with technology, or through our actions.

So, you have colorful hair? Don’t care. Tattoos? Show off your ink. Like polka dots? That’s cool. Pop culture geek? Many of us are. Passion for technology and world changing? Be you, with us! #WeAreCisco



Message to applicants applying to work in the U.S. and/or Canada:

When available, the salary range posted for this position reflects the projected hiring range for new hire, full-time salaries in U.S. and/or Canada locations, not including equity or benefits. For non-sales roles the hiring ranges reflect base salary only; employees are also eligible to receive annual bonuses. Hiring ranges for sales positions include base and incentive compensation target. Individual pay is determined by the candidate's hiring location and additional factors, including but not limited to skillset, experience, and relevant education, certifications, or training. Applicants may not be eligible for the full salary range based on their U.S. or Canada hiring location. The recruiter can share more details about compensation for the role in your location during the hiring process.

U.S. employees have access to quality medical, dental and vision insurance, a 401(k) plan with a Cisco matching contribution, short and long-term disability coverage, basic life insurance and numerous wellbeing offerings. Employees receive up to twelve paid holidays per calendar year, which includes one floating holiday, plus a day off for their birthday. Employees accrue up to 20 days of Paid Time Off (PTO) each year and have access to paid time away to deal with critical or emergency issues without tapping into their PTO. We offer additional paid time to volunteer and give back to the community. Employees are also able to purchase company stock through our Employee Stock Purchase Program.

Employees on sales plans earn performance-based incentive pay on top of their base salary, which is split between quota and non-quota components. For quota-based incentive pay, Cisco typically pays as follows:

.75% of incentive target for each 1% of revenue attainment up to 50% of quota;

1.5% of incentive target for each 1% of attainment between 50% and 75%;

1% of incentive target for each 1% of attainment between 75% and 100%; and once performance exceeds 100% attainment, incentive rates are at or above 1% for each 1% of attainment with no cap on incentive compensation.

For non-quota-based sales performance elements such as strategic sales objectives, Cisco may pay up to 125% of target. Cisco sales plans do not have a minimum threshold of performance for sales incentive compensation to be paid.