The successful applicant will be performing work on US Government classified environments, and therefore, must be a U.S. Person (i.e., U.S. citizen, U.S. national, lawful permanent resident, asylee, or refugee). This position may also perform work that the U.S. government has specified can only be performed by a U.S. citizen on U.S. soil.
Cisco Cloud Security is a leading provider of network security services, enabling the world to connect to the Internet with confidence on any device, anywhere, anytime. We build and operate highly available, distributed cloud-delivered security solutions critical to the success of the next wave of innovation in the security industry.
We are seeking a passionate engineer to help us migrate, launch, and operate the next generation of the entire Umbrella cloud security (Umbrella) platform in an AWS GovCloud-native environment, so we can effectively expand our access to the public sector market. Our current focus is on growing the platform's FedRAMP (Federal Risk and Authorization Management Program) authorization. If you're not familiar with FedRAMP, it's a US government security certification with exceedingly high standards that requires everything you've ever wanted in a solid infrastructure - precision transformation, consistent backups, centralized & high-performance logging, and alerting, all built with every effective security capability you've ever heard of.
What You'll Do
- Develop, manage, and operate the Public Key Infrastructure (PKI) that underpins the Umbrella Federation environment
- Own end-to-end code/infrastructure releases throughout the different environments supported (dev, stage, prod)
- Engage with end users to support their PKI needs performing regular certificate onboarding tasks, getting feedback or capturing new use cases among other things.
- Serve as PKI SME when interacting with different teams and unblock their PKI questions/concerns.
- Work multi-functionally to achieve certification, perform security reviews, and remediate audit findings.
- Design and implement features and components in a team-oriented environment. Own the development of functional components.
- Implement consistent DevSecOps practices for the Cisco Cloud Security organization
- Contribute to a no-blame culture that values learning, transparency, accountability, trust, kindness, and mutual respect.
- Work with Product Management and Legal on privacy impact assessments to ensure the privacy of the platform and update the Cloud Security privacy sheet.
- Assist and ensure engineering teams follow various Cisco- and industry-specific compliance frameworks such as SOC-2, ISO 27001, and FedRAMP / NIST SP 800-53.
- Find opportunities for automation, partner with the engineering and security team on implementing automation
- Mentor engineering teams and help them on their journey to DevSecOps
- Provide thought leadership and domain expertise within Cloud Security to facilitate a culture of security and privacy.
- Collaborate with peer groups within the larger security team on Trust & Compliance, Security Operations, Risk Management, Security Engineering, and Education activities.
Who You'll Work With
Our team is composed of engineering and security professionals who work in a fast-paced, sometimes ambiguous, and innovative environment. We are in the early stages of designing, building, and operating a new infrastructure that will quickly grow to manage millions of end-user seats running highly critical, security-sensitive workloads.
Who You Are
If you've been looking for a massively impactful, high-stakes, and greenfield engineering opportunity, it doesn't get much better than this.
Basic Qualifications
- 5+ years experience building, scaling, and managing enterprise applications in cloud-native environments.
- 4+ years as a technical engineer in Agile DevOps environment. Using frameworks, technologies, DevOps/DevSecOps practices (for e.g. designing and building Jenkins, CI/CD pipeline, and infrastructure-as-code tools (for e.g. Terraform and Terragrunt)
- 3+ years' experience with Amazon Web Services (AWS), such as ACM, PCA, Secret Manager, IAM or Lambda.
- 2+ years working experience with cryptographic processes, such as PKI, Certificates or Key Management.
Preferred Qualifications
- US Security clearance (especially T4 clearance) is a huge plus.
- Exposure to building or maintaining infrastructures hardened to meet FedRAMP, IL4/IL5 compliance.
- Experience with or a strong desire to learn Golang, which is used extensively within the team.
- Programming experience in Python is nice to have
- Experience with SNS, SQS, CloudWatch and Step Functions
- Knowledge of testing methodologies, monitoring, observability tools, and techniques.
- Working experience with Docker containers
- Experience enabling high availability, disaster recovery, monitoring & alerts, testing methodologies, automation, and continuous dedication for cloud-native SaaS applications supporting a global customer base.
- History of working with multi-functional teams with strong collaboration and communication skills; have the desire to speak up, share ideas, and help others
- You stay on top of industry standard processes, and you've established relationships with engineering teams based on collaboration, empathy, and the pursuit of excellence.
Why Cisco Secure
We're global, we're adaptable, we're diverse, and our security portfolio is as extensive as it is groundbreaking. Have you heard of Threat, Detection & Response, Zero Trust by Duo, Common Services Engineering, or Cloud & Network Security? Those are only a few of our product teams! The only thing we're missing is YOU.
Join an enterprise security leader with a start-up culture, committed to driving innovation and giving you the opportunity to make an impact. We #InnovateToWin and we know we're better together, that's why we're dedicated to inclusivity, collaboration, and diversity in everything we do.
We're proud to be the Best Small and Mid-Size Enterprises Security Solution Cisco Secure continues to grow and evolve year after year with 100% of Fortune 100 Companies using our products, and we're excited to see the new heights we'll reach with your passion for security, your customer focus, and your desire to change things up!
There are so many amazing reasons to join Cisco. Learn more here!
#LI-LM1
#LI-Remote
Message to applicants applying to work in the U.S. and/or Canada:When available, the salary range posted for this position reflects the projected hiring range for new hire, full-time salaries in U.S. and/or Canada locations, not including equity or benefits. For non-sales roles the hiring ranges reflect base salary only; employees are also eligible to receive annual bonuses. Hiring ranges for sales positions include base and incentive compensation target. Individual pay is determined by the candidate's hiring location and additional factors, including but not limited to skillset, experience, and relevant education, certifications, or training. Applicants may not be eligible for the full salary range based on their U.S. or Canada hiring location. The recruiter can share more details about compensation for the role in your location during the hiring process.U.S. employees have access to quality medical, dental and vision insurance, a 401(k) plan with a Cisco matching contribution, short and long-term disability coverage, basic life insurance and numerous wellbeing offerings. Employees receive up to twelve paid holidays per calendar year, which includes one floating holiday, plus a day off for their birthday. Employees accrue up to 20 days of Paid Time Off (PTO) each year and have access to paid time away to deal with critical or emergency issues without tapping into their PTO. We offer additional paid time to volunteer and give back to the community. Employees are also able to purchase company stock through our Employee Stock Purchase Program.Employees on sales plans earn performance-based incentive pay on top of their base salary, which is split between quota and non-quota components. For quota-based incentive pay, Cisco typically pays as follows:.75% of incentive target for each 1% of revenue attainment up to 50% of quota;1.5% of incentive target for each 1% of attainment between 50% and 75%;1% of incentive target for each 1% of attainment between 75% and 100%; and once performance exceeds 100% attainment, incentive rates are at or above 1% for each 1% of attainment with no cap on incentive compensation.For non-quota-based sales performance elements such as strategic sales objectives, Cisco may pay up to 125% of target. Cisco sales plans do not have a minimum threshold of performance for sales incentive compensation to be paid.
What We Do
Duo Security, now part of Cisco, is the leading multi-factor authentication (MFA) and secure access provider.
Duo is built on the promise of doing the right thing for our customers and each other. This promise is as central to our business as the product itself. Our four guiding principles are the heart of this sensibility: Easy, Effective, Trustworthy, Enduring
We’re transforming security from the ground up by solving the world’s most pressing geopolitical challenge — safe, secure information access. We engineer our business to enable our customers to easily address their ever-evolving security challenges.
We believe that impactful work is rewarding work and that our team is at its best when everyone feels empowered to bring their whole self to work. We learn together by hiring for cultural contribution, not cultural fit, and recognize that diversity in background and thought are essential to building high-impact teams.
We invest in growth and learning opportunities and encourage our people to never stop learning. We foster collaboration and believe in being recognized (and rewarded!) for hard work. We champion a healthy work-life balance. We’re kinder than necessary.
Together we build for the future by designing simple solutions for complex problems. And that’s why we’re the most loved and trusted name in security.
Why Work With Us
With the Most Loved Company in Security and the global leader in network technology joining forces, there are more exciting opportunities than ever to be at the forefront of securing the cloud.
Our culture is built on collaboration and the belief of enabling and empowering you to follow your passions inside and outside of the office.