What are the responsibilities and job description for the Security Architect position at Cisco?
Cisco's Security Visibility and Incident Command (SVIC) forms part of the detection, compliance, monitoring & response branch of Cisco's Security and Trust Organization (S&TO). We provide Cisco with security threat detection, compliance monitoring, vulnerability discovery and response services in order to protect Cisco from attacks, abuse, reputational harm and the loss of its intellectual assets. The primary mission of SVIC is to help ensure enterprise, system, and data risk management by performing comprehensive investigations into cyber security incidents, and to assist in the prevention of such incidents by either compliance or engaging in dedicated threat assessment, mitigation planning, incident trend analysis, and security architecture review. We are a highly-functioning, diverse, and globally distributed group of outstanding professionals from various technical backgrounds.
What you'll do
Cisco's Security Visibility and Incident Command team is looking for a Security Architect focused on Vulnerability Scanning with extensive experience developing for cloud technologies such as Amazon Web Services (AWS), Google Cloud Platform (GCP), Azure and private clouds with working experience with Kubernetes and Docker and Vulnerability Scanning technologies such as Tenable, Qualys and Rumble.
This will be a hands-on role supporting the Vulnerability Management Operations Program. The candidate is expected to perform security audit functions to scan, identify, validate, and remediate security vulnerabilities. This includes designing and deploying vulnerability identification programs and providing remediation guidance to the end users
Roles & Responsibilities
- Establish security requirements for cloud-based and onPrem solutions by evaluating business strategies and requirements, researching infrastructure security standards such as ISO 27000 series, NIST CSF, and CSA
- Provide domain expertise in both public and private cloud and enterprise technology
- Participate, lead and jointly deliver security evaluation reports on cloud providers (Azure, AWS,GCP) and cloud native platforms (Docker and Kubernetes) and onPrem environments
- Continually evaluate new threats in the cloud and on Prem, to identify the impact on IT and Business and to develop and implement security controls
- Provide recommendations for improvement and risk reduction by assessing clients' Security Vulnerability posture
The ideal candidate must enjoy working in a fast-paced environment with a proactive, "take-charge" / "can-do" attitude and is able to demonstrate flexibility and resiliency. Successful candidate must be self-sufficient and be able to work with minimal supervision. Work with geographically distributed teams across different time zones. Works with cross-functional teams to create solutions for automatic deployment of Infosec team's security products
Required qualifications
- Strong understanding of vulnerability management and security testing practices and methodologies.
- 3 years of experience working with any industry standard scanning tool in (eg. Qualys, Nessus, AppScan etc.)
- Experience using common security testing and analysis tools (Metasploit, Kali, Wireshark)
- Knowledge and understanding of key differences between most popular cloud provider (e.g. Azure, AWS, GCP, Open Stack, Pivotal Cloud Foundry, BOSH, Kubernetes, Docker )
- Expert knowledge of system, application, and database hardening techniques and practices.
- Understanding of Industry trends in cloud technologies for public, private and hybrid cloud deployments
- Strong domain expertise of cloud infrastructure compute, network and storage as well as the cloud control plane
- Knowledge of virtualization, containers, service-mesh and enterprise service business
- Experience with structured Enterprise Architecture practices, hybrid cloud deployments, and on-premise-to-cloud migration deployments
- Ability to identify and drive remediation of Security Vulnerabilities
Cisco is an Affirmative Action and Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, national origin, genetic information, age, disability, veteran status, or any other legally protected basis.
Cisco will consider for employment, on a case by case basis, qualified applicants with arrest and conviction records.
What you'll do
Cisco's Security Visibility and Incident Command team is looking for a Security Architect focused on Vulnerability Scanning with extensive experience developing for cloud technologies such as Amazon Web Services (AWS), Google Cloud Platform (GCP), Azure and private clouds with working experience with Kubernetes and Docker and Vulnerability Scanning technologies such as Tenable, Qualys and Rumble.
This will be a hands-on role supporting the Vulnerability Management Operations Program. The candidate is expected to perform security audit functions to scan, identify, validate, and remediate security vulnerabilities. This includes designing and deploying vulnerability identification programs and providing remediation guidance to the end users
Roles & Responsibilities
- Establish security requirements for cloud-based and onPrem solutions by evaluating business strategies and requirements, researching infrastructure security standards such as ISO 27000 series, NIST CSF, and CSA
- Provide domain expertise in both public and private cloud and enterprise technology
- Participate, lead and jointly deliver security evaluation reports on cloud providers (Azure, AWS,GCP) and cloud native platforms (Docker and Kubernetes) and onPrem environments
- Continually evaluate new threats in the cloud and on Prem, to identify the impact on IT and Business and to develop and implement security controls
- Provide recommendations for improvement and risk reduction by assessing clients' Security Vulnerability posture
The ideal candidate must enjoy working in a fast-paced environment with a proactive, "take-charge" / "can-do" attitude and is able to demonstrate flexibility and resiliency. Successful candidate must be self-sufficient and be able to work with minimal supervision. Work with geographically distributed teams across different time zones. Works with cross-functional teams to create solutions for automatic deployment of Infosec team's security products
Required qualifications
- Strong understanding of vulnerability management and security testing practices and methodologies.
- 3 years of experience working with any industry standard scanning tool in (eg. Qualys, Nessus, AppScan etc.)
- Experience using common security testing and analysis tools (Metasploit, Kali, Wireshark)
- Knowledge and understanding of key differences between most popular cloud provider (e.g. Azure, AWS, GCP, Open Stack, Pivotal Cloud Foundry, BOSH, Kubernetes, Docker )
- Expert knowledge of system, application, and database hardening techniques and practices.
- Understanding of Industry trends in cloud technologies for public, private and hybrid cloud deployments
- Strong domain expertise of cloud infrastructure compute, network and storage as well as the cloud control plane
- Knowledge of virtualization, containers, service-mesh and enterprise service business
- Experience with structured Enterprise Architecture practices, hybrid cloud deployments, and on-premise-to-cloud migration deployments
- Ability to identify and drive remediation of Security Vulnerabilities
Cisco is an Affirmative Action and Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, national origin, genetic information, age, disability, veteran status, or any other legally protected basis.
Cisco will consider for employment, on a case by case basis, qualified applicants with arrest and conviction records.
Security Architect
Crescens -
Raleigh, NC
Cloud Security Architect
ABM US -
Raleigh, NC
Generative AI Security Architect
Thermo Fisher Scientific -
Chapel Hill, NC
