The successful applicant will provide ownership of and be performing work in FedRAMP or IL-5 type environments, and therefore, must be a U.S. Person (i.e. U.S. citizen, U.S. national, lawful permanent resident, asylee, or refugee). This position may also perform work that the U.S. government has specified can only be performed by a U.S. citizen on U.S. soil.
You will learn to adopt an attacker mentality using tools, techniques, and processes (TTPs) that emulate real world adversaries. You will work with amazingly creative, innovative, and collaborative security researchers to develop evolving ethical hacking skills and networking product knowledge. You will partner with Cisco's industry-leading engineering teams to assess the latest system and application architectures, contribute to creative security solutions, and gain unparalleled access to and experience with the latest technologies. You will also have opportunities to research security topics independently or collaboratively to explore and develop tools and ideas as part of our "Free Friday" innovation and incubation process.
Minimum Qualifications
- Security penetration testing (pentesting) experience, including testing web applications, APIs, user interfaces, or embedded devices
- 4+ years of scripting or software engineering experience with C, C++, or Python/Ruby, or other common programming language. Experience to include secure scripting/coding experience and code analysis for vulnerabilities.
- 4+ years’ experience with a combination of AWS cloud and on-prem environments
- Linux operating system experience, including system administration and security hardening configuration experience. Command line interfaces (CLIs) and tool experience required
Preferred Qualifications:
- OSCP or equivalent certification is a plus
- Strong understanding of operating system concepts in the areas of memory management, computer architecture, or binary analysis
- Confirmed experience with applied crypto, through implementation or analysis of crypto algorithms
- Proven experience with network protocols, through implementation or analysis
- Demonstrated ability as a DevOps engineer, with a focus on DevOps security
- Applied architectural security
- Cryptographic algorithm design and review
- Operating system principles and secure configuration
- Security of virtualization platforms and techniques
- Network protocol analysis and debugging
- Web protocols and API security
- Secure development practices
- Software vulnerability assessment, fuzzing, and code analysis
- Reverse engineering
- Exploit development
We tackle whatever challenges come our way. We have each other’s backs, we recognize our accomplishments, and we grow together. We celebrate and support one another – from big and small things in life to big career moments. And giving back is in our DNA (we get 10 days off each year to do just that).