Security Engineer - Talos Security Operations at CISCO Systems
Fulton, MD 20759
About the Job
The successful applicant will be performing work in FedRAMP environments, and therefore, must be a U.S
Person (i.e
U.S
citizen, U.S
national, lawful permanent resident, asylee, or refugee)
This position may also perform work that the U.S
government has specified can only be performed by a U.S
citizen on U.S
soil.Application window is expected to close 10/21/2024.What You'll Do:Cisco Talos Intelligence Group is one of the largest commercial threat intelligence teams in the world
Talos defends Cisco customers against known and emerging threats, discovers new vulnerabilities in common software, and interdicts threats in the wild before they can further harm the internet at large
As a Security Engineer on the Talos Security Operations Team, you will work to protect assets, systems, and intellectual property from threats and vulnerabilities
You will monitor network and system performance, configurations, and security posture in an automated fashion up and down the stack and across a broad range of innovative technologies
The Talos team is an empowered and collaborative group
We work in an agile/DevOps manner with a strong focus on customer success and protecting Talos & Cisco
You will be positioned to have a significant impact within the group as you work closely with platform and data architects, software developers, system administrators, and data scientists/engineers
Typical responsibilities include:Collaborate with development teams to build, deploy and maintain the entire Talos development Suite (ClamAV, Snort, Talos Intelligence, etc.)Contribute to design of security and compliance tests based on defined testing plansIdentify security gaps and build out automation to optimize ongoing testing and responseAnalyze environment and identify potential risks for review by broader teamInterpret results from threat reports and work on sustainability solutionsTrack remediation tasks across developers, product owners and business collaborators to ensure vulnerability management complianceKeep current on industry trends and Cisco and Industry processesWho You Are:You are a self-starter who can be counted on to be consistent, thorough, and systematic in securing our platform and services
You tackle problems with a rational, logical approach and are comfortable working in a constantly evolving technical landscape
You are also motivated to learn new tools and technologies that impact the security posture of the environment
Minimum Qualifications for the Role:3+ years professional experience in information security, with a focus on infrastructure, operating systems, and networkingExperience in incident response and/or vulnerability managementExperience with cloud security controls and/or securing cloud environmentsPreferred Skills and Experience:Familiarity with security frameworks such as FedRAMP or any other government-related frameworkExperience working with DevOps practices and tools, integrating security into CI/CD pipelinesConfirmed understanding of web APIs, both from a security testing standpoint as well as using to build scripts/tools and perform analysis tasks Experience with configuration management and automation tools (preferably Ansible and/or Terraform)OS and application vulnerability scanning tools experience (e.g
Qualys, Tenable, Burp, ZAP, etc.) Python (strongly preferred), bash, or other scripting for integration and automation Automation of monitoring for security, using Prometheus, Splunk, DataDog, etc
Experience securing, documenting, and ensuring security compliance for FedRAMP environments Deployment & security support of both cloud and virtual environments (AWS, vSphere, etc) Advanced degree in computer science or related technical field or equivalent experienceCybersecurity-related certification(s), including CCSP, CISSP, CISM, CEH, etc
Why Cisco Secure:We're global, we're adaptable, we're diverse, and our security portfolio is as extensive as it is groundbreaking
Have you heard of Threat, Detection & Response, Zero Trust by Duo, Common Services Engineering, or Cloud & Network Security? Those are only a few of our product teams! The only thing we're missing is YOU.Join an enterprise security leader with a start-up culture, committed to driving innovation and giving you the opportunity to make an impact
We #InnovateToWin and we know we're better together, that's why we're dedicated to inclusivity, collaboration, and diversity in everything we do.We're proud to be the Best Small and Mid-Size Enterprises Security Solution Cisco Secure continues to grow and evolve year after year with 100% of Fortune 100 Companies using our products, and we're excited to see the new heights we'll reach with your passion for security, your customer focus, and your desire to change things up!There are so many amazing reasons to join Cisco
Learn more here!Location:Offsite, Fulton, Maryland, USAlternate LocationRTP, Atlanta, AustinArea of InterestSecurityCompensation Range130400 USD - 180600 USD Job TypeProfessionalTechnology InterestSecurityJob Id1430428Message to applicants applying to work in the U.S
and/or Canada:When available, the salary range posted for this position reflects the projected hiring range for new hire, full-time salaries in U.S
and/or Canada locations, not including equity or benefits
For non-sales roles the hiring ranges reflect base salary only; employees are also eligible to receive annual bonuses
Hiring ranges for sales positions include base and incentive compensation target
Individual pay is determined by the candidate's hiring location and additional factors, including but not limited to skillset, experience, and relevant education, certifications, or training
Applicants may not be eligible for the full salary range based on their U.S
or Canada hiring location
The recruiter can share more details about compensation for the role in your location during the hiring process.U.S
employees have access to quality medical, dental and vision insurance, a 401(k) plan with a Cisco matching contribution, short and long-term disability coverage, basic life insurance and numerous wellbeing offerings
Employees receive up to twelve paid holidays per calendar year, which includes one floating holiday, plus a day off for their birthday
Employees accrue up to 20 days of Paid Time Off (PTO) each year and have access to paid time away to deal with critical or emergency issues without tapping into their PTO
We offer additional paid time to volunteer and give back to the community
Employees are also able to purchase company stock through our Employee Stock Purchase Program.Employees on sales plans earn performance-based incentive pay on top of their base salary, which is split between quota and non-quota components
For quota-based incentive pay, Cisco typically pays as follows:.75% of incentive target for each 1% of revenue attainment up to 50% of quota;1.5% of incentive target for each 1% of attainment between 50% and 75%;1% of incentive target for each 1% of attainment between 75% and 100%; and once performance exceeds 100% attainment, incentive rates are at or above 1% for each 1% of attainment with no cap on incentive compensation.For non-quota-based sales performance elements such as strategic sales objectives, Cisco may pay up to 125% of target
Cisco sales plans do not have a minimum threshold of performance for sales incentive compensation to be paid.
Person (i.e
U.S
citizen, U.S
national, lawful permanent resident, asylee, or refugee)
This position may also perform work that the U.S
government has specified can only be performed by a U.S
citizen on U.S
soil.Application window is expected to close 10/21/2024.What You'll Do:Cisco Talos Intelligence Group is one of the largest commercial threat intelligence teams in the world
Talos defends Cisco customers against known and emerging threats, discovers new vulnerabilities in common software, and interdicts threats in the wild before they can further harm the internet at large
As a Security Engineer on the Talos Security Operations Team, you will work to protect assets, systems, and intellectual property from threats and vulnerabilities
You will monitor network and system performance, configurations, and security posture in an automated fashion up and down the stack and across a broad range of innovative technologies
The Talos team is an empowered and collaborative group
We work in an agile/DevOps manner with a strong focus on customer success and protecting Talos & Cisco
You will be positioned to have a significant impact within the group as you work closely with platform and data architects, software developers, system administrators, and data scientists/engineers
Typical responsibilities include:Collaborate with development teams to build, deploy and maintain the entire Talos development Suite (ClamAV, Snort, Talos Intelligence, etc.)Contribute to design of security and compliance tests based on defined testing plansIdentify security gaps and build out automation to optimize ongoing testing and responseAnalyze environment and identify potential risks for review by broader teamInterpret results from threat reports and work on sustainability solutionsTrack remediation tasks across developers, product owners and business collaborators to ensure vulnerability management complianceKeep current on industry trends and Cisco and Industry processesWho You Are:You are a self-starter who can be counted on to be consistent, thorough, and systematic in securing our platform and services
You tackle problems with a rational, logical approach and are comfortable working in a constantly evolving technical landscape
You are also motivated to learn new tools and technologies that impact the security posture of the environment
Minimum Qualifications for the Role:3+ years professional experience in information security, with a focus on infrastructure, operating systems, and networkingExperience in incident response and/or vulnerability managementExperience with cloud security controls and/or securing cloud environmentsPreferred Skills and Experience:Familiarity with security frameworks such as FedRAMP or any other government-related frameworkExperience working with DevOps practices and tools, integrating security into CI/CD pipelinesConfirmed understanding of web APIs, both from a security testing standpoint as well as using to build scripts/tools and perform analysis tasks Experience with configuration management and automation tools (preferably Ansible and/or Terraform)OS and application vulnerability scanning tools experience (e.g
Qualys, Tenable, Burp, ZAP, etc.) Python (strongly preferred), bash, or other scripting for integration and automation Automation of monitoring for security, using Prometheus, Splunk, DataDog, etc
Experience securing, documenting, and ensuring security compliance for FedRAMP environments Deployment & security support of both cloud and virtual environments (AWS, vSphere, etc) Advanced degree in computer science or related technical field or equivalent experienceCybersecurity-related certification(s), including CCSP, CISSP, CISM, CEH, etc
Why Cisco Secure:We're global, we're adaptable, we're diverse, and our security portfolio is as extensive as it is groundbreaking
Have you heard of Threat, Detection & Response, Zero Trust by Duo, Common Services Engineering, or Cloud & Network Security? Those are only a few of our product teams! The only thing we're missing is YOU.Join an enterprise security leader with a start-up culture, committed to driving innovation and giving you the opportunity to make an impact
We #InnovateToWin and we know we're better together, that's why we're dedicated to inclusivity, collaboration, and diversity in everything we do.We're proud to be the Best Small and Mid-Size Enterprises Security Solution Cisco Secure continues to grow and evolve year after year with 100% of Fortune 100 Companies using our products, and we're excited to see the new heights we'll reach with your passion for security, your customer focus, and your desire to change things up!There are so many amazing reasons to join Cisco
Learn more here!Location:Offsite, Fulton, Maryland, USAlternate LocationRTP, Atlanta, AustinArea of InterestSecurityCompensation Range130400 USD - 180600 USD Job TypeProfessionalTechnology InterestSecurityJob Id1430428Message to applicants applying to work in the U.S
and/or Canada:When available, the salary range posted for this position reflects the projected hiring range for new hire, full-time salaries in U.S
and/or Canada locations, not including equity or benefits
For non-sales roles the hiring ranges reflect base salary only; employees are also eligible to receive annual bonuses
Hiring ranges for sales positions include base and incentive compensation target
Individual pay is determined by the candidate's hiring location and additional factors, including but not limited to skillset, experience, and relevant education, certifications, or training
Applicants may not be eligible for the full salary range based on their U.S
or Canada hiring location
The recruiter can share more details about compensation for the role in your location during the hiring process.U.S
employees have access to quality medical, dental and vision insurance, a 401(k) plan with a Cisco matching contribution, short and long-term disability coverage, basic life insurance and numerous wellbeing offerings
Employees receive up to twelve paid holidays per calendar year, which includes one floating holiday, plus a day off for their birthday
Employees accrue up to 20 days of Paid Time Off (PTO) each year and have access to paid time away to deal with critical or emergency issues without tapping into their PTO
We offer additional paid time to volunteer and give back to the community
Employees are also able to purchase company stock through our Employee Stock Purchase Program.Employees on sales plans earn performance-based incentive pay on top of their base salary, which is split between quota and non-quota components
For quota-based incentive pay, Cisco typically pays as follows:.75% of incentive target for each 1% of revenue attainment up to 50% of quota;1.5% of incentive target for each 1% of attainment between 50% and 75%;1% of incentive target for each 1% of attainment between 75% and 100%; and once performance exceeds 100% attainment, incentive rates are at or above 1% for each 1% of attainment with no cap on incentive compensation.For non-quota-based sales performance elements such as strategic sales objectives, Cisco may pay up to 125% of target
Cisco sales plans do not have a minimum threshold of performance for sales incentive compensation to be paid.