Security Technical Lead
Cisco Systems, Inc
Vancouver, British Columbia, Canada
6d ago

Our Organization

Our approach is twofold; first Umbrella, our cloud-delivered network security service, blocks advanced attacks including malware, botnets, and phishing threats, while our predictive intelligence engine uses machine learning to automate protection against newly-

discovered threats before they can reach our customers. Today, we handle more than 80 billion daily Internet requests from 65 million+ users around the world.

Our global network has proven reliability and adds no latency. We protect each and every one of our customers' devices globally without any hardware to install or software to maintain.

Who You Are

You possess extensive experience in the security field with at least 5+ years of growing responsibility for designing and delivering Cloud and Internet-

facing applications with a focus on security. You will have a detailed understanding of cloud security and the ability to mentor technical personnel.

What You’ll Do

The CIE Security Engineer will be focused on embedding security into our development lifecycle and supporting teams to help with training and as a resource to assist with certification and compliance efforts.

The Security Engineer will partner closely with service groups across the Cisco Security Business Group who are crafting, building and operating cloud infrastructure and services offered to Cisco customers.

This position will play a leadership role in assisting these groups in securely architecting and operating their services.

This work can include helping to refine processes, conduct security reviews and perform threat modeling workshops. The Security Engineer will help the business, achieve various industry standard and internal security and compliance certifications.

You will need to establish strong, effective relationships with all stakeholders including software engineering teams, InfoSec, external and in-

house penetration testing organizations. You will be contribute to the overall security operations including following up on remediation, conducting risk assessments and helping teams meet general compliance requirements to ensure success and timely completion.

You will concentrate on cloud security, with an emphasis on cloud application development, operations and continuous integration in a multi-

tenant Internet-facing environment.

Primary Activities

  • Understand, document and represent the security models, architectures and practices of CIE services
  • Communicate with the various internal security standard owners and decision makers to understand, document and represent the requirements in a way that is easy to consume and re-
  • use across engineering teams

  • Work with InfoSec and software engineering teams to translate implementation details into compliance evidence for product security baseline requirements.
  • Have an active role in incident response, threat modeling, security awareness, education & best practices
  • Provide guidance & oversight on risk assessments
  • Assist with defining / driving Streamline security roadmap
  • Operate and administer security tools
  • Coordination with external and in-house penetration testing teams and providing oversight to ensure continued success and general compliance
  • Working on inquiries and tasks related to data privacy and protection
  • Ensuring general compliance with corporate InfoSec security standards and policies
  • Other compliance needs as they arise (FedRAMP, ISO27001 etc.)
  • Assist in security evaluation of new services / teams we on-board
  • Additional responsibilities :

  • Responsible for identifying security related deficiencies and to formulate and present sound recommendations for remediation
  • Oversee security audits of infrastructure systems security including in-house and external penetration testing
  • Suggesting and overseeing improvements to security processes and tooling
  • Provide technology solutions input and recommendations to address technology issues, working closely with DevOps teams, other architects and SME's
  • Responsible for security standards, documentation, and new feature testing for a global network and Data Center infrastructure, recommend process improvements and educational programs / trainings
  • Incident response : overseeing incident response process and coming up with remediation plans
  • Working on inquiries and tasks related to data privacy and protection
  • Streamline new offering reviews (reviewing architecture before go-live)
  • Desired Skills :

  • Holds industry-specific certifications, including one or more of the following : CCIE (Security), CISSP, CCSP, CISA, CISM, ISSAP or ISSMP.
  • Experience with vulnerability management tools : InsightVM (Nexpose), Qualys
  • Experience with penetration testing tools : Kali Linux, BurpSuite, MetaSploit, Acunetix, etc
  • Experience with SIEM systems : LogRhythm
  • Cloud Security design, architecture and operations across all cloud layers (SaaS, PaaS, IaaS)
  • The qualified candidate should have a proven track record of implementing security solutions for large SaaS products ideally in a mixed private and public cloud environment
  • Demonstrated working knowledge and proficiency in public cloud, networking, operating systems, databases, protocols, security technologies, and risk assessment
  • Strong understanding of data privacy and protection guidelines
  • Knowledge of security industry standards and certification frameworks such as NIST, FedRamp, ISO and others
  • Working knowledge of server security standard methodologies, host hardening, posture assessment, vulnerability management, device management, cloud integration capabilities and other host based security controls
  • Technical knowledge of access control mechanisms, federated authentication schemes, encryption, digital certificates and trust-based authentication
  • Excellent verbal, presentation and written communications skills
  • Ability to communicate with technical, non-technical, and senior management audiences
  • Time and productivity management skills
  • Ability to work in a global, multi-cultural team setting
  • Why Cisco

    We connect everything : people, processes, data, and things. We innovate everywhere, taking bold risks to shape the technologies that give us smart cities, connected cars, and handheld hospitals.

    And we do it in style with unique personalities who aren’t afraid to change the way the world works, lives, plays and learns.

    We are thought leaders, tech geeks, pop culture aficionados, and we even have a few purple haired rock stars. We celebrate the creativity and diversity that fuels our innovation.

    We are dreamers and we are doers. We Are Cisco.

    CiscoCareers

    Apply
    Add to favourites
    Remove from favourites
    Apply
    My Email
    By clicking on "Continue", I give neuvoo consent to process my data and to send me email alerts, as detailed in neuvoo's Privacy Policy . I may withdraw my consent or unsubscribe at any time.
    Continue
    Application form