TD&R Malware Analytics Security Engineer

Application window has been extended and expected to close on 04/04/2025. However, the job posting may be removed earlier if the position is filled or if a sufficient number of applications are received.

"The successful applicant will be performing work in FedRAMP High or IL-5 environments, and therefore, must be a U.S. Person (i.e. U.S. citizen, U.S. national, lawful permanent resident, asylee, or refugee). This position may also perform work that the U.S. government has specified can only be performed by a U.S. citizen on U.S. soil.

Join our dynamic EDR (Endpoint Detection and Response) Security Team, where we foster talent and skill development through creative and challenging projects. Our team acts as a security center of excellence, transforming security controls into actionable engineering requirements, ensuring continuous compliance, automating security tasks, and sharing knowledge across teams.

We collaborate closely with the Security Compliance team, focusing on building a Secure Malware Analytics (SMA) offering for the FedRAMP marketplace, enabling operations and sales in the U.S. federal space. Our team also supports SMA on security, malware analytics, and deployment security, working exclusively on FedRAMP initiatives. Our team offers a focus on security and compliance, ensuring no dull days with a variety of work. There are opportunities to work on greenfield projects and establish new services.

As a Security Engineer, you will play a crucial role in formulating, enhancing, and maintaining and the security of our offerings. This role is security and compliance-heavy, assisting engineering and operations teams in understanding and adhering to requirements, and involves collaborative work on staffing, timeframes, and the development and implementation of projects. Success will be measured by effectively helping the SMA team navigate and implement federal guidelines as part of the program, with key performance indicators including compliance alignment, successful project milestones, and effective team collaboration.

• Understand the security posture of various offerings and ensure compliance with security controls, representing EDR products to internal and external parties, and engaging with Product Engineering and Operations teams.
• Write and review system architectures and documentation, develop software to automate compliance activities, and support continuous monitoring and audit requirements.

• 4 years of proven experience in security engineering or related fields.
• 3 years of experience in software development focused on delivering compliant services.
• Proficient on writing tooling, scripts, and software configurations

• Relevant security certifications.
• Software development experience in languages like Ruby, Go, Python, Rust, etc.
• Familiarity with DevOps tooling (Saltstack, GitHub, Foreman, bare-metal, ESXi, etc).
• Understanding of cryptography (X509, OpenSSL, etc.).
• Experience in Secure Development methodologies.
• Experience with data center hosted services.
• Experience working with security standards (FedRAMP, ISO, PCI, etc.).
• Experience working in a highly regulated, SLA driven services environment.
• Working knowledge of NIST SP 800-53 R5 and the ability to transform and communicate control requirements into engineering tasks.

#WeAreCisco where every individual brings their unique skills and perspectives together to pursue our purpose of powering an inclusive future for all.

Our passion is connection-we celebrate our employees' diverse set of backgrounds and focus on unlocking potential. Cisconians often experience one company, many careers where learning and development are encouraged and supported at every stage. Our technology, tools, and culture pioneered hybrid work trends, allowing all to not only give their best, but be their best.

We understand our outstanding opportunity to bring communities together and at the heart of that is our people. One-third of Cisconians collaborate in our 30 employee resource organizations, called Inclusive Communities, to connect, foster belonging, learn to be informed allies, and make a difference. Dedicated paid time off to volunteer-80 hours each year-allows us to give back to causes we are passionate about, and nearly 86% do!

Our purpose, driven by our people, is what makes us the worldwide leader in technology that powers the internet. Helping our customers reimagine their applications, secure their enterprise, transform their infrastructure, and meet their sustainability goals is what we do best. We ensure that every step we take is a step towards a more inclusive future for all. Take your next step and be you, with us!