The successful applicant will be performing work on US Government classified environments, and therefore, must be a U.S. Person (i.e., U.S. citizen, U.S. national, lawful permanent resident, asylee, or refugee). This position may also perform work that the U.S. government has specified can only be performed by a U.S. citizen on U.S. soil.
What You'll Do- Develop, manage, and operate the Public Key Infrastructure (PKI) that underpins the Umbrella Federation environment
- Own end-to-end code/infrastructure releases throughout the different environments supported (dev, stage, prod)
- Engage with end users to support their PKI needs performing regular certificate onboarding tasks, getting feedback or capturing new use cases among other things.
- Serve as PKI SME when interacting with different teams and unblock their PKI questions/concerns.
- Work multi-functionally to achieve certification, perform security reviews, and remediate audit findings.
- Design and implement features and components in a team-oriented environment. Own the development of functional components.
- Implement consistent DevSecOps practices for the Cisco Cloud Security organization
- Contribute to a no-blame culture that values learning, transparency, accountability, trust, kindness, and mutual respect.
- Work with Product Management and Legal on privacy impact assessments to ensure the privacy of the platform and update the Cloud Security privacy sheet.
- Assist and ensure engineering teams follow various Cisco- and industry-specific compliance frameworks such as SOC-2, ISO 27001, and FedRAMP / NIST SP 800-53.
- Find opportunities for automation, partner with the engineering and security team on implementing automation
- Mentor engineering teams and help them on their journey to DevSecOps
- Provide thought leadership and domain expertise within Cloud Security to facilitate a culture of security and privacy.
- Collaborate with peer groups within the larger security team on Trust & Compliance, Security Operations, Risk Management, Security Engineering, and Education activities.
Basic Qualifications
- 5+ years experience building, scaling, and managing enterprise applications in cloud-native environments.
- 4+ years as a technical engineer in Agile DevOps environment. Using frameworks, technologies, DevOps/DevSecOps practices (for e.g. designing and building Jenkins, CI/CD pipeline, and infrastructure-as-code tools (for e.g. Terraform and Terragrunt)
- 3+ years' experience with Amazon Web Services (AWS), such as ACM, PCA, Secret Manager, IAM or Lambda.
- 2+ years working experience with cryptographic processes, such as PKI, Certificates or Key Management.
Preferred Qualifications
- US Security clearance (especially T4 clearance) is a huge plus.
- Exposure to building or maintaining infrastructures hardened to meet FedRAMP, IL4/IL5 compliance.
- Experience with or a strong desire to learn Golang, which is used extensively within the team.
- Programming experience in Python is nice to have
- Experience with SNS, SQS, CloudWatch and Step Functions
- Knowledge of testing methodologies, monitoring, observability tools, and techniques.
- Working experience with Docker containers
- Experience enabling high availability, disaster recovery, monitoring & alerts, testing methodologies, automation, and continuous dedication for cloud-native SaaS applications supporting a global customer base.
- History of working with multi-functional teams with strong collaboration and communication skills; have the desire to speak up, share ideas, and help others
- You stay on top of industry standard processes, and you’ve established relationships with engineering teams based on collaboration, empathy, and the pursuit of excellence.