Security Automation Engineer
Please note this posting is to advertise potential job opportunities. This exact role may not be open today, but could open in the near future. When you apply, a Cisco representative may contact you directly if a relevant position opens.
The Cisco Security Business Group (SBG) focuses on empowering the world to reach its full potential, securely through the Cisco Secure products. Within the SBG Security team, we support this mission by building thoughtful partnerships with our internal stakeholders to drive security strategy alignment across the SBG portfolio to deliver simple, effective security solutions for our internal customers that meet both market and industry expectations.
Our team's mission is to become our internal customers' most trusted partners by building best-in-class security programs that shape the market with our research, make it easy for our customer teams within Cisco to develop secure software, protect our most valuable information and customer assets, and enable SBG employees to work securely as they deliver Cisco Secure products including Duo, Umbrella, SecureX, Talos, Amp for Endpoints, StealthWatch, Tetration, and beyond.
#WeAreCisco, where each person is unique, and our team is our secret weapon. We run the spectrum from artists to analysts, low-key to high energy, and bring together a diversity of skill sets, experiences, and perspectives to solve the complex problems that come with securing a growing business. Together we build solutions that are easy, effective, trustworthy, and enduring.
We are looking for a Security Automation Engineer to proactively identify and mitigate security risk to Cisco SBG.
What you will do:
• Automate product security testing techniques and tools including, but not limited to; static analysis (SAST), dynamic analysis (DAST), software composition analysis (SCA) and container scanning.
• Develop and enhance automated technical solutions that will help the SBG Security team manage their core responsibilities efficiently. Examples include, but not limited to; creating modules that will help orchestrate security scanning, automate defect management, real-time risk reporting dashboards, increase efficacy of security testing.
• Help mature the Security Automation program by transforming daily operations, modernizing processes and technologies, and constantly improving internal customer experience.
• Gather and translate business and functional requirements into thoughtful designs.
• Communicate, revise and finalize the designs via wireframes, specifications and/or prototypes.
• Emphasize software craftsmanship and apply it to our agile developmental processes and practices through build automation and testing techniques, constantly improving security, usability, and scalability.
Skills you have:
• You are comfortable with various security vulnerability classes and tooling to detect them.
• Ability to drive end-to-end software development lifecycle from concept to deployment.
• Familiarity or an interest in learning and applying a human-centered design thinking approach.
• You have experience writing performant, maintainable full-stack software.
• You have experience delivering quality software through automated testing, continuous integration, continuous delivery (CI/CD/CD), agile methodologies & DevSecOps concepts
• You have working knowledge of deploying applications to AWS leveraging services like ECS, CloudFront and CloudWatch.
• Excellent cross-disciplinary collaboration, communication and documentation skills
3 reasons to apply:
• You revel in the opportunity to make your conceptual designs a deployable reality.
• You're passionate about security, but understand each control or process has a "cost" that must be thought about critically, and from the point-of-view of many stakeholders.
• You want to continuously elevate your skills and the skills of your teammates.
Our team is committed to cultivating and preserving a culture of inclusion and connectedness. We are able to grow and learn better together with a diverse team of employees. The collective sum of the individual differences, life experiences, knowledge, innovation, self-expression, and talent that our employees invest in their work represents not only part of our culture, but our reputation and Cisco's achievement as well. In recruiting for our team, we welcome the unique contributions that all potential candidates can bring in terms of their education, opinions, culture, ethnicity, race, gender identity and expression, nationality, age, languages spoken, veteran's status, religion, disability, sexual orientation and beliefs.
And if this role is exciting to you, we encourage you to apply even if you don't meet all 100% of the description or qualifications. Finally and most importantly, we are a proud Equal Opportunity Employer.
U.S. Vaccination Requirements
Cisco requires all U.S. employees to be fully vaccinated or have an approved religious or medical accommodation. Candidates accepting an offer must provide proof of vaccination status on their first day. If someone anticipates requesting an accommodation for this requirement, they must receive approval before the start date. Candidates receiving an offer will receive additional information about the accommodation process at the time of the offer. All offers of employment are contingent upon complying with Cisco's vaccination policy.