Cloud Security Operations and Compliance Engineer (FedOps/SecOps)

Who You'll Work With

Cisco SD-WAN Cloud Team (Previously, Viptela Cloud Team) builds, deploys, and handles the entire SD-WAN cloud infrastructure for enterprises and service providers. With the growth and expansion of SD-WAN, we are looking to expand our team in all aspects. We work with multiple clouds and collaborate with multiple teams including an engineering operation's team. You will work with the SD-WAN solution team, Cloud development, and test teams to secure orchestrated controllers and services for SD-WAN. This security and compliance role will have views across the complete lifecycle of the product to include ordering, provisioning, on-boarding, and operations.

Who You Are

As part of SDWAN Cloud Security Operations team, you will apply your skills and knowledge to make sure the SaaS environments (Department of Defense, U.S. Federal, and commercial) are secured in accordance with cloud security standard processes, operated with security in mind, and aligned with Cisco internal requirements, as well as external regulations. You will continuously assess and improve security posture, implement effective security monitoring systems, and collaborate on security controls reporting automation.

You will have direct responsibilities to ensure that active security monitoring of both commercial and U.S. Federal environments is undertaken on a continuous basis by leading all aspects of a vulnerability management program, participating in and leading risk analysis of findings, and ensuring that the SecOps team is performing at maximum efficiency globally. Ability and willingness to travel, as needed, in support of Global SecOps leadership role is required. This role will have a main focus on, and responsibility for, U.S. Department of Defense cloud solutions. Applicants should have a Top-Secret Clearance.

Required Skills

• Have, or be able to achieve, Top-Secret Clearance
• Must be a U.S. Citizen, U.S. Soil
• 5+ years proven track record in cybersecurity
• Consistent track record with the FedRAMP authorization process; first-hand experience with FedRAMP PMO
• Must be proficient in coding in Python
• Experience with vulnerability management and incident response processes
• Knowledge of authentication protocols, authorization standards and crypto primitives (TLS, OAuth, SAML, JWT, etc.)
• Firm grasp of SOC2, NIST 800-53, ISO 27001, ISO 27017, ISO 27018, C5, IRAP, and other key cloud certifications

Preferred Skills

• Have a working history/knowledge of the DoD/DISA authorization processes
• Have prior experience protecting cloud-based environments. 2+ years in a cloud security role preferred
• Have clear experience with AWS services: EC2, VPC, KMS, ECS, EKS, S3, Route53, IAM, SSO GuardDuty, Secret Manager, CloudWatch
• Practiced in CSDL, IL5, DSAWG / DISA PA
• Clear experience building and maintaining compliance programs for Cisco product and cloud offerings.
• Solid grasp of Tenable, Linux, Docker, Kubernetes
• History of implementing enterprise security tools - SIEM, IDS/IPS, FIM, PAM
• Familiarity with OWASP TOP-10, CIS Benchmarks, STIGs
• Experience / knowledge eMASS, SNAPS, PPSM, C-ITP
• Experience with Infrastructure as Code and Configuration Management tools.
• Experience / knowledge of working with RESTFUL APIs and Webservices
• Experience with alerting and monitoring tools.
• Experience with common security scanning tools (e.g., Nessus, Tenable, Qualys, IBM AppScan, Burp Suite, etc.)
• Understanding of software development lifecycle models, as well as the approaches to implement the AWS Well-Architected Framework.
• Knowledge of Ansible and Terraform
• Certification (AWS Security Specialty, GCIH - GIAC Certified Incident Handler, (ISC)2 CCSP - Certified Cloud Security Professional) is a plus

3 reasons to apply

1. You have a passion for automating the easy things in life-and the hard ones too!
2. You thrive when things are ambiguous, and desire to strategically explore problem spaces without having a clear goal. Where you're going, you don't need roads!
3. You care about chipping in to a collaborative culture and being responsible for providing technical leadership.

Why Cisco

At Cisco, everyone brings outstanding talents to work as a team and make a difference. Yes, our technology changes how the world works, lives, plays, and learns, but our edge comes from our people. We connect everything - people, processes, data, and things - and use those connections to improve our world. We innovate everywhere - From launching a new era of networking that adapts, learns, and protects to building Cisco Services that accelerate businesses and business results. Our technology powers entertainment, retail, healthcare, education and more - from Smart Cities to your everyday devices. We benefit everyone - We do all of this while aspiring for a culture that empowers every person to be the difference at work and in our communities. Colorful hair? Don't care. Tattoos? Show off your ink. Like polka dots? That's cool. Pop culture enthusiast? Many of us are. Be you, with us! #WeAreCisco