Senior Security Engineer

About the job

We prefer candidates in the Eastern Standard Time (EST) zone but are also open to applicants from the Central Standard Time (CST) zone. Cisco's Secure Workload product, formerly Cisco Tetration, is a comprehensive workload protection solution that provides security for applications running in any environment, whether on-premises data centers, public clouds, or private clouds. It offers consistent security policies across the entire infrastructure and helps organizations track application behavior, automate security policies, and protect workloads against threats. We are looking for a Senior Security Engineer to refine compliance efforts and ensure the security and audit ability of Cisco Secure Workload. This role ensures the organization meets Cisco and industry standards and maintains a strong security posture.

What you’ll do

• Develop, maintain, and manage tools and evidence required for security compliance within Cisco Secure Workload.
• Take the lead in designing, developing, and implementing automated processes for evidence collection and compliance reporting.
• Establish and manage evidence retention policies to align with security frameworks while designing and maintaining automated evidence collection processes for efficiency and accuracy.
• Collaborate on data integration to embed these processes into existing systems, ensuring continuous improvement for reliability and scalability.
• Keep meticulous documentation and manage a well-organized evidence repository for audit readiness.
• Develop a detailed evidence collection strategy for Cisco Secure Workload, validate evidence integrity with internal teams, and promote security awareness across departments.
• Proactively improve evidence collection methods and support compliance audits with necessary documentation.

Who you’ll work with

You will join experienced engineers who are developing sophisticated, complex security products. You will sit in the Secure Workload Engineering team, whose mission is to empower engineers with the quality tools, frameworks, and processes to continuously deliver high-quality, secure code to customers.

Who you are

Excellent problem-solving and resolution skills. Thrive in fast-paced environments and possess outstanding written and verbal communication abilities. Take the initiative as a driven individual who sets a strong example and is well-versed in adapting to and thriving in constantly evolving work landscapes.

Minimum Qualifications

• Bachelor's degree in computer science, Information Technology, or a related field.
• 8+ years of experience in DevOps and/or Software Development and/or DevSecOps.
• Engineering or development experience, proficiency in scripting and automation tools (e.g., Python).
• Strong Experience with Unix/Linux system administration.
• Experience in cloud security and operations, preferably in Google Cloud Platform (GCP) or AWS or Azure environments.

Preferred Qualifications

• Strong understanding of security frameworks (e.g., SOC2, FIPS140), controls, and compliance requirements.
• Strong understanding of GCP security standard methodologies, controls, and compliance standards.
• Experience in collecting evidence for security compliance within cloud security environments.
• Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) certification is a plus.
• Experience in crafting and implementing automated processes for security compliance projects.