About the position
The successful applicant will be performing work in FedRAMP High or IL-5 environments, and therefore, must be a U.S. Person (i.e. U.S. citizen, U.S. national, lawful permanent resident, asylee, or refugee). This position may also perform work that the U.S. government has specified can only be performed by a U.S. citizen on U.S. soil. Join our dynamic EDR (Endpoint Detection and Response) Security Team, where we foster talent and skill development through creative and challenging projects. Our team acts as a security center of excellence, transforming security controls into actionable engineering requirements, ensuring continuous compliance, automating security tasks, and sharing knowledge across teams. We collaborate closely with the Security Compliance team, focusing on building a Secure Malware Analytics (SMA) offering for the FedRAMP marketplace, enabling operations and sales in the U.S. federal space. Our team also supports SMA on security, malware analytics, and deployment security, working exclusively on FedRAMP initiatives. Our team offers a focus on security and compliance, ensuring no dull days with a variety of work. There are opportunities to work on greenfield projects and establish new services.
Responsibilities
- Understand the security posture of various offerings and ensure compliance with security controls, representing EDR products to internal and external parties, and engaging with Product Engineering and Operations teams.
- Write and review system architectures and documentation, develop software to automate compliance activities, and support continuous monitoring and audit requirements.
Requirements
- 4+ years of proven experience in security engineering or related fields.
- 3+ years of experience in software development focused on delivering compliant services.
- Proficient on writing tooling, scripts, and software configurations.
Nice-to-haves
- Relevant security certifications.
- Software development experience in languages like Ruby, Go, Python, Rust, etc.
- Familiarity with DevOps tooling (Saltstack, GitHub, Foreman, bare-metal, ESXi, etc.).
- Understanding of cryptography (X509, OpenSSL, etc.).
- Experience in Secure Development methodologies.
- Experience with data center hosted services.
- Experience working with security standards (FedRAMP, ISO, PCI, etc.).
- Experience working in a highly regulated, SLA driven services environment.
- Working knowledge of NIST SP 800-53 R5 and the ability to transform and communicate control requirements into engineering tasks.
Benefits
- Quality medical, dental and vision insurance.
- 401(k) plan with a Cisco matching contribution.
- Short and long-term disability coverage.
- Basic life insurance.
- Numerous wellbeing offerings.
- Up to twelve paid holidays per calendar year, including one floating holiday.
- Vacation time off accrued at a rate of 4.92 hours per pay period for non-exempt new hires.
- Flexible Vacation Time Off policy for exempt new hires.
- Sick Time Off provided on hire date and annually.
- Paid time to volunteer and give back to the community.
A Smarter and Faster Way to Build Your Resume