JobsEQ by Chmura Logo

Duo - Security Engineer, Product Security

Cisco Systems Inc.

Location: Tampa, FL 33602
Type: Non-Remote
Posted on: July 28, 2021
This job is no longer available from the source.
The Cisco Security Business Group (SBG) focuses on empowering the world to reach its full potential, securely through the Cisco Secure products. Within the SBG Security team, we support this mission by building thoughtful partnerships with our internal stakeholders to drive security strategy alignment across the SBG portfolio to deliver simple, effective security solutions for our internal customers that meet both market and industry expectations.
Our teams mission is to become our internal customers most trusted partners by building best-in-class security programs that shape the market with our research, make it easy for our customer teams within Cisco to develop secure software, protect our most valuable information and customer assets, and enable SBG employees to work securely as they deliver Cisco Secure products including Duo, Umbrella, SecureX, Talos, Amp for Endpoints, StealthWatch, Tetration, and beyond.
#WeAreCisco, where each person is unique, and our team is our secret weapon. We run the spectrum from artists to analysts, low-key to high energy, and bring together a diversity of skill sets, experiences, and perspectives to solve the complex problems that come with securing a growing business. Together we build solutions that are easy, effective, trustworthy, and enduring.
We are looking for a Product Security Engineer to proactively identify and mitigate security risk to Cisco SBG.
What you will do:
- Test and provide guidance that may include design reviews, threat modeling, code auditing, and security assessments on internally & externally developed software.
- Automate product security testing techniques and tools including, but not limited to; static analysis, dynamic analysis, software composition analysis and container scanning.
- Identify and implement new ways that we can validate the security of Cisco SBG products and its development practices.
- Liaison with product, customer support, sales and engineering teams to provide ad-hoc technical security expertise.
- Research, build and implement tools, libraries & frameworks that aid developers in writing secure code.
- Conduct security research to further enable the addition of proactive security controls within internally developed software.
Skills you have:
- You have a strong understanding of many vulnerability classes impacting a variety of languages, with an expertise towards Python, JavaScript, Java, C, C#, and Objective-C.
- Youre comfortable manually auditing code for vulnerabilities as well as crafting threat models to discover design issues.
- You're comfortable with security controls on AWS or similar IaaS services.
- You are able to mentor and be mentored on security practices, controls and bring an influential flair to your audience whether it is one on one, during a presentation or workshop.
- You understand security engineering principles, and how to seriously consider when a best practice may not be, in fact, the best choice or positively impact actual security and our customers.
3 reasons to apply:
- Youre excited to be part of building an ever-maturing product security program that covers the Security Development Lifecycle, from training through incident response.
- You love to communicate in a friendly, supportive manner with software engineers, helping to not only identify security issues, but also a mentor and advocate on solutions.
- Youre passionate about security, but understand each control or process has a cost that must be thought about critically, and from the point-of-view of many stakeholders.
- You want to continuously elevate your skills and the skills of your teammates.
Our team is committed to cultivating and preserving a culture of inclusion and connectedness. We are able to grow and learn better together with a diverse team of employees. The collective sum of the individual differences, life experiences, knowledge, innovation, self-expression, and talent that our employees invest in their work represents not only part of our culture, but our reputation and Ciscos achievement as well. In recruiting for our team, we welcome the unique contributions that all potential candidates can bring in terms of their education, opinions, culture, ethnicity, race, gender identity and expression, nationality, age, languages spoken, veterans status, religion, disability, sexual orientation and beliefs.
And if this role is exciting to you, we encourage you to apply even if you dont meet all 100% of the description or qualifications. Finally, and most importantly, we are a proud Equal Opportunity Employer.