Security Analyst
The Cisco Security Business Group (SBG) focuses on empowering the world to reach its full potential securely through the Cisco Secure products. The SBG Security team supports this mission by building thoughtful partnerships with our internal partners to drive security strategy alignment across the SBG portfolio. Through these efforts, we are able to deliver simple, effective security solutions for our internal customers that meet both market and industry expectations.
Our team's mission is to become our internal customers' most trusted partners by building best-in-class security programs that shape the market with our research, make it easy for our customer teams within Cisco to develop secure software, protect our most valuable information and customer assets, and enable SBG employees to work securely as they deliver Cisco Secure products including Duo, Umbrella, SecureX, Talos, Amp for Endpoints, StealthWatch, Tetration, and beyond.
#WeAreCisco, where each person is unique and our team is our secret weapon. We run the spectrum from artists to analysts, low-key to high energy, and bring together a diversity of skill sets, experiences, and perspectives to solve the sophisticated problems that come with securing a growing business. Together we build solutions that are easy, effective, trustworthy, and enduring.
We are looking for a Security Analyst to join the team responsible for incident response, vulnerability management, and security awareness training for the Duo business unit. In this role, you will need to stay on top of the latest threats and trends in order to keep Duo's infrastructure, services, endpoints, networks, and accounts secure.
What you will do:
- Perform vulnerability management functions, including scanning and vulnerability response management
- Perform incident response activities in support of the product and enterprise systems and services
- Respond to security tickets from employees
- Investigate alerts
- Develop, maintain, and deliver security awareness training content in partnership with the Security Education program
- Create and maintain current documentation (playbooks for Vulnerability Management, Incident Response, common ticket types, etc.)
- Apply the output of threat hunts to new detections and gap assessments
- Collaborate directly with the SOC team on new detection rules
- Build positive relationships with both Engineering and Security architecture to advocate for additional log sources
- Develop and maintain a library of ad-hoc threat hunts for other teams to use daily
- Demonstrate expertise by uncovering adversary activity not detected by our current detection rules
- Actively research new TTPs from public and internal reporting
- Create compelling internal presentations from the results of your work
- Provide exceptional customer service to Duo employees, partners, and customers
Skills you have:
- 2-5 years of experience as an analyst
- Deep knowledge of, and hands-on experience performing, vulnerability management
- Experience collaborating successfully with security, compliance, engineering, and IT teams
- Solid understanding of incident response
- Practical experience working at a global scale, with teams that are remote from each other
- Experience with automation and scripting in Python or PowerShell is a PLUS
- Knowledge of DevOps and Agile
- Experience with Amazon Web Services, Microsoft Azure, and/or Google Cloud
- A passion for spreading security awareness to everyone you meet
3 reasons to apply:
- You're a skilled individual contributor looking for new growth opportunities in vulnerability management
- You are passionate about helping others learn, succeed, and grow in the information security space and you would like to do just that for a team of security analysts
- You love the varied action of security operations and want to evolve it for a fast growing security company
Our team is committed to cultivating and preserving a culture of inclusion and connectedness. We are able to grow and learn better together with a diverse team of employees. The collective sum of the individual differences, life experiences, knowledge, innovation, self-expression, and talent that our employees invest in their work represents not only part of our culture, but our reputation and Cisco's achievement as well. In recruiting for our team, we encourage the unique contributions that all potential candidates can bring in terms of their education, opinions, culture, ethnicity, race, gender identity and expression, nationality, age, languages spoken, veteran's status, religion, disability, sexual orientation and beliefs.
And if this role is exciting to you, we encourage you to apply even if you don't meet 100% of the description or qualifications. Finally and most importantly, we are a proud Equal Opportunity Employer.
#WeAreCisco, where each person is unique, but we bring our talents to work as a team and make a difference powering an inclusive future for all.
We embrace digital, and help our customers implement change in their digital businesses. Some may think we're "old" (36 years strong) and only about hardware, but we're also a software company. And a security company. We even invented an intuitive network that adapts, predicts, learns and protects. No other company can do what we do - you can't put us in a box!
But "Digital Transformation" is an empty buzz phrase without a culture that allows for innovation, creativity, and yes, even failure (if you learn from it.)
Day to day, we focus on the give and take. We give our best, give our egos a break, and give of ourselves (because giving back is built into our DNA.) We take accountability, bold steps, and take difference to heart. Because without diversity of thought and a dedication to equality for all, there is no moving forward.
So, you have colorful hair? Don't care. Tattoos? Show off your ink. Like polka dots? That's cool. Pop culture geek? Many of us are. Passion for technology and world changing? Be you, with us!
U.S. Vaccination Requirements
Cisco requires all U.S. employees to be fully vaccinated or have an approved religious or medical accommodation. Candidates accepting an offer must provide proof of vaccination status on their first day. If someone anticipates requesting an accommodation for this requirement, they must receive approval before the start date. Candidates receiving an offer will receive additional information about the accommodation process at the time of the offer. All offers of employment are contingent upon complying with Cisco's vaccination policy.