Cisco DoD Cloud Security Operations Compliance Engineer SecOps 

United States, North Carolina, Cary 

444758333

Who You Are

As part of SDWAN Cloud Security Operations team, you will apply your skills and knowledge to make sure the SaaS environments (Department of Defense, U.S. Federal, and commercial) are secured in accordance with cloud security standard processes, operated with security in mind, and aligned with Cisco internal requirements, as well as external regulations. You will continuously assess and improve security posture, implement effective security monitoring systems, and collaborate on security controls reporting automation.

You will have direct responsibilities to ensure that active security monitoring of both commercial and U.S. Federal environments is undertaken on a continuous basis by leading all aspects of a vulnerability management program, participating in and leading risk analysis of findings, and ensuring that the SecOps team is performing at maximum efficiency globally. Ability and willingness to travel, as needed, in support of Global SecOps leadership role is required. This role will have a main focus on, and responsibility for, U.S. Department of Defense cloud solutions. Applicants should have a

Required Skills

• Have, or be able to achieve, Top-Secret Clearance
• Must be a U.S. Citizen, U.S. Soil
• 8+ years proven track record in cybersecurity
• Consistent track record with the FedRAMP authorization process; first-hand experience with FedRAMP PMO
• Must be proficient in coding in Python
• Experience with vulnerability management and incident response processes
• Knowledge of authentication protocols, authorization standards and crypto primitives (TLS, OAuth, SAML, JWT, etc.)
• Firm grasp of SOC2, NIST 800-53, ISO 27001, ISO 27017, ISO 27018, C5, IRAP, and other key cloud certifications

Preferred Skills

• Have a working history/knowledge of the DoD/DISA authorization processes
• Have prior experience protecting cloud-based environments. 2+ years in a cloud security role preferred
• Have clear experience with AWS services: EC2, VPC, KMS, ECS, EKS, S3, Route53, IAM, SSO GuardDuty, Secret Manager, CloudWatch
• Practiced in CSDL, IL5, DSAWG / DISA PA
• Clear experience building and maintaining compliance programs for Cisco product and cloud offerings.
• Solid grasp of Tenable, Linux, Docker, Kubernetes
• History of implementing enterprise security tools - SIEM, IDS/IPS, FIM, PAM
• Familiarity with OWASP TOP-10, CIS Benchmarks, STIGs
• Experience / knowledge eMASS, SNAPS, PPSM, C-ITP
• Experience with Infrastructure as Code and Configuration Management tools.
• Experience / knowledge of working with RESTFUL APIs and Webservices
• Experience with alerting and monitoring tools.
• Experience with common security scanning tools (e.g., Nessus, Tenable, Qualys, IBM AppScan, Burp Suite, etc.)
• Understanding of software development lifecycle models, as well as the approaches to implement the AWS Well-Architected Framework.
• Knowledge of Ansible and Terraform
• Certification (AWS Security Specialty, GCIH - GIAC Certified Incident Handler, (ISC)2 CCSP – Certified Cloud Security Professional) is a plus

3 reasons to apply

1. You have a passion for automating the easy things in life—and the hard ones too!
2. You thrive when things are ambiguous, and desire to strategically explore problem spaces without having a clear goal. Where you're going, you don't need roads!
3. You care about chipping in to a collaborative culture and being responsible for providing technical leadership.