SECURITY RESEARCH ENGINEER

• JOB ID 1424994
• LOCATION: Knoxville, Tennessee, US
• Alternate Location: US Remote with preference for Knoxville or RTP

The successful applicant will provide ownership of and be performing work in FedRAMP or IL-5 type environments, and therefore, must be a U.S. Person (i.e. U.S. citizen, U.S. national, lawful permanent resident, asylee, or refugee). This position may also perform work that the U.S. government has specified can only be performed by a U.S. citizen on U.S. soil.

As a team member of Cisco's Advanced Security Initiatives Group (ASIG), you will evaluate our global products and services to identify security vulnerabilities, weaknesses, and improvements.

What You'll Do

You will learn to adopt an attacker mentality using tools, techniques, and processes (TTPs) that emulate real world adversaries. You will work with amazingly creative, innovative, and collaborative security researchers to develop evolving ethical hacking skills and networking product knowledge. You will partner with Cisco's industry-leading engineering teams to assess the latest system and application architectures, contribute to creative security solutions, and gain unparalleled access to and experience with the latest technologies. You will also have opportunities to research security topics independently or collaboratively to explore and develop tools and ideas as part of our "Free Friday" innovation and incubation process.

Our security team is dynamic, hardworking, fun, and high-energy, but the work is done in a very casual environment that strongly encourages a work/life balance. Not only will you work alongside a team of skilled security researchers with a diverse spectrum of talents and experience levels, but you will also be interacting with a variety of engineering teams across Cisco. Cisco ASIG cultivates an environment where every individual's input and experience is valued. We prioritize training sessions and a mentor program surrounding you with the resources you will need to succeed.

Who You Are

Would you enjoy finding security flaws in critical systems, modeling prototype attacks that malicious actors might take advantage of, and crafting mitigations to thwart motivated and inventive adversaries? If you have a passion for computer security, enjoy solving exciting problems, and relish working with emerging technologies, Cisco wants you! Global ISPs, Fortune 500 companies, and world governments all depend on Cisco for critical infrastructure, and we want to guarantee that we keep delivering highly secured solutions to meet their needs.

Minimum Qualifications

• Security penetration testing (pentesting) experience, including testing web applications, APIs, user interfaces, or embedded devices
• 4 years of scripting or software engineering experience with C, C , or Python/Ruby, or other common programming language. Experience to include secure scripting/coding experience and code analysis for vulnerabilities.
• 4 years’ experience with a combination of AWS cloud and on-prem environments
• Linux operating system experience, including system administration and security hardening configuration experience. Command line interfaces (CLIs) and tool experience required

Preferred Qualifications:

• OSCP or equivalent certification is a plus
• Strong understanding of operating system concepts in the areas of memory management, computer architecture, or binary analysis
• Confirmed experience with applied crypto, through implementation or analysis of crypto algorithms
• Proven experience with network protocols, through implementation or analysis
• Demonstrated ability as a DevOps engineer, with a focus on DevOps security
• Applied architectural security
• Cryptographic algorithm design and review
• Operating system principles and secure configuration
• Security of virtualization platforms and techniques
• Network protocol analysis and debugging
• Web protocols and API security
• Secure development practices
• Software vulnerability assessment, fuzzing, and code analysis
• Reverse engineering
• Exploit development

Why Cisco?

#WeAreCisco. We are all unique, but collectively we bring our talents to work as a team, to develop innovative technology and power a more inclusive, digital future for everyone. How do we do it? Well, for starters – with people like you!

Nearly every internet connection around the world touches Cisco. We’re the Internet’s optimists. Our technology makes sure the data traveling at light speed across connections does so securely, yet it’s not what we make but what we make happen which marks us out. We’re helping those who work in the health service to connect with patients and each other; schools, colleges, and universities to teach in even the most challenging of times. We’re helping businesses of all shapes and sizes to connect with their employees and customers in new ways, providing people with access to the digital skills they need and connecting the most remote parts of the world – whether through 5G, or otherwise.

We tackle whatever challenges come our way. We have each other’s backs, we recognize our accomplishments, and we grow together. We celebrate and support one another – from big and small things in life to big career moments. And giving back is in our DNA (we get 10 days off each year to do just that).

We know that powering an inclusive future starts with us. Because without diversity and a dedication to equality, there is no moving forward. Our 30 Inclusive Communities, that bring people together around commonalities or passions, are leading the way. Together we’re committed to learning, listening, caring for our communities, whilst supporting the most vulnerable with a collective effort to make this world a better place either with technology, or through our actions.

So, you have colorful hair? Don’t care. Tattoos? Show off your ink. Like polka dots? That’s cool. Pop culture geek? Many of us are. Passion for technology and world changing? Be you, with us! #WeAreCisco

Message to applicants applying to work in the U.S. and/or Canada:

When available, the salary range posted for this position reflects the projected hiring range for new hire, full-time salaries in U.S. and/or Canada locations, not including equity or benefits. For non-sales roles the hiring ranges reflect base salary only; employees are also eligible to receive annual bonuses. Hiring ranges for sales positions include base and incentive compensation target. Individual pay is determined by the candidate's hiring location and additional factors, including but not limited to skillset, experience, and relevant education, certifications, or training. Applicants may not be eligible for the full salary range based on their U.S. or Canada hiring location. The recruiter can share more details about compensation for the role in your location during the hiring process.

U.S. employees have access to quality medical, dental and vision insurance, a 401(k) plan with a Cisco matching contribution, short and long-term disability coverage, basic life insurance and numerous wellbeing offerings. Employees receive up to twelve paid holidays per calendar year, which includes one floating holiday, plus a day off for their birthday. Employees accrue up to 20 days of Paid Time Off (PTO) each year and have access to paid time away to deal with critical or emergency issues without tapping into their PTO. We offer additional paid time to volunteer and give back to the community. Employees are also able to purchase company stock through our Employee Stock Purchase Program.

Employees on sales plans earn performance-based incentive pay on top of their base salary, which is split between quota and non-quota components. For quota-based incentive pay, Cisco typically pays as follows:

.75% of incentive target for each 1% of revenue attainment up to 50% of quota;

1.5% of incentive target for each 1% of attainment between 50% and 75%;

1% of incentive target for each 1% of attainment between 75% and 100%; and once performance exceeds 100% attainment, incentive rates are at or above 1% for each 1% of attainment with no cap on incentive compensation.

For non-quota-based sales performance elements such as strategic sales objectives, Cisco may pay up to 125% of target. Cisco sales plans do not have a minimum threshold of performance for sales incentive compensation to be paid.