Security Consulting Engineer (Full Time) United States
What You’ll Do
Everything is converging on the Internet, making networked connections more relevant than ever. Our employees have groundbreaking ideas that impact everything imaginable - from entertainment, retail, healthcare, and education, to public and private sectors, smart cities, smart cars, and everyday devices in our homes. Here, that means you’ll take creative ideas from the drawing board to powerful solutions that have real world impact. You’ll collaborate with Cisco leaders, partner with experienced mentors, and develop incredible relationships with colleagues who share your interest in connecting the unconnected. You’ll be part of a team that cares about its customers, enjoys having fun, and you’ll participate in changing the lives of those in our local communities. Come prepared to be inspired.
Who You'll Work With
Let’s change the world together. You will work directly with our customers and gain hands-on experience and exposure into their networks. Be immersed in a small close-knit group of cohorts, to collaborate on several projects that have a real impact. You will be working on network infrastructures, delivering business solutions and technology solutions from data, security, mobility, and the cloud. We will value your ideas on how to get things done, while learning from industry leaders.
What the Security Customer Experience Organization Does
Cisco Security Customer Experience (CX) organization supports customers through the entire lifecycle of a security solution: from understanding business needs to deploying custom solutions, from optimizing existing solutions to developing applications that meets specific needs; from helping customers to maintain their solutions to helping them investigate potential security incidents. In order to effectively support customers offering specialized services with specialized consultants, Security CX is segmented in four areas: Security Consulting Services, Assessment and Penetration Services, Cisco Talos Incident Response Services (CTIR) and Orchestration, Automation and Response (SOAR) Services.
Security Consulting Services
Our Security Consulting Services Team is distributed across the US. We provide security professionals that can assist our customers with their security challenges, irrespective of the security products they have in their environment (Cisco, or otherwise). Additionally, we offer strategic consulting, aligned with Cisco’s product offerings, to help customers with business case development and product adoption. Our focus in Security Consulting is to help our customers get better at securing their organization and integrating security into their business needs. Our Security Consultants help our customers understand complex security needs by identifying challenges, risks and vulnerabilities in technology, people, and processes. We achieve this through understanding business objectives and how those objectives influence security decisions, developing strategies and roadmaps to address these requirements and providing support to existing programs and projects. Engagements include security program building, developing layered security models, compliance assessments (against various compliance frameworks), implementation planning, design and execution. Consulting Services is also focused on assisting our clients to use and get the most value from their Cisco security products. We advise our customers to adopt and utilize best in breed Cisco security technologies, using tried and true methodologies for deployment and migration. We focus on aligning our technologies, or mix of technologies, to accomplish our customer’s business goal through a consultative approach. We believe that no one knows Cisco products better than our own Cisco resources. Our customers feel the same way. A sample of the products that our Consulting Services team works with are: Advance Malware Protection (AMP) for networks and endpoints, Firepower next-generation firewalls, Identity Services Engine (ISE) - network access and authentication / virtual segmentation, Stealthwatch - network visibility and protection, Email Security Appliances (ESA) and Web Security Appliances (WSA). You'll have the opportunity to work directly with a mentor to learn and take part in customer interactions and projects, helping you better understand our business and shape your skills.
Engagements include building, deploying and optimizing Cisco Security solutions like FirePower, Identity Services Engine, Trustsec and others. https://www.cisco.com/c/en/us/products/security/index.html
Assessment and Penetration Team (APT)
This group is primarily based out of our downtown Chicago, IL office, but with security professionals throughout the US. Consultants in APT Services help our clients address their complex security problems while using our expert knowledge, mature methodologies, and advanced research capabilities. APT takes a technical approach in identifying and mitigating vulnerabilities and threats by emulating real-world attack techniques through red team and social engineering assessments, reverse engineering, application assessment and Secure DevOps reviews, as well as hardware security (including IoT and Connected Car).
Cisco Talos Incident Response Services
The Cisco Talos Incident Response (IR) Service significantly strengthens a customer’s network and information security resiliency. CTIR leverages Cisco’s Talos Threat Intelligence tools and capabilities along with industry leading tools and processes to assist our customers with responding to incidents as they occur. CTIR also works with our customers to proactively improve their capabilities to detect, manage, and respond to incidents quickly and effectively. Using the latest intelligence and standard methodologies, it introduces a process that engages all layers of defense and provides a comprehensive range of capabilities to help organizations prepare, maintain, respond to, and recover from incidents efficiently. If emergency assistance is required, our responders are available within hours for rapid investigation and mitigation of threats virtually and in-person.
Security Orchestration, Automation and Response Services
Security Orchestration is a group of software engineers whose mission is to automate security processes and orchestrate disparate security technologies into holistic solutions that go beyond individual product capabilities. We do this with Cisco and 3rd party products, using any platform to build software-engineered workflows and capabilities. In the course of our work, we regularly touch all the products within our Security portfolio. Concretely, most of our solutions are desktop utilities, portals, integrations, and automate security tasks written in Java (and a few in Python, C#, and Golang) using standard software engineering methodologies such as Agile and Secure Development Life Cycle.
Key Elements of the Role
- You will attend on-site design and configuration sessions with a Security Consulting mentor
- You will collect requirements from customers for projects to meet critical business goals
- You will work with a team mentor to define the business goals and requirements for integration efforts
- You will identify and support large-scale-design efforts for customer network integrations
- You will configure lab devices with configuration templates or system configurations which will be used in customers’ production implementations
- You will aid in analyzing and designing policy creation for Identity Services, Firepower Intrusion Detection, ASA Firewall Rules, and Catalyst Switch Configurations
- You will analyze customer configurations and provide feedback on possible improvements to the configuration to improve alignment with customer business goals
- You will evaluate customer logs or NetFlow data to advise on improvements aligned with their business goals
- You will learn and understand Security Policies, Standards, Procedures and Guidelines
- You will apply modern Penetration Test techniques (if in the APT group)
- You will gain knowledge about Incident Response methodologies, Table-top exercises, Red/Blue/Purple Teams and how corporations around the world use these tools to decrease the risk and, if necessary, respond to security incidents (if in the IR group)
- You will learn how to use programming languages (Java/Python/C++) and open source automation platforms (Ansible/Chef/Terraform) to develop tailor-made automation capabilities to customers using Cisco application programming interfaces (if in the SOAR group)
Who You Are
- Including but not limited to a graduate/upcoming graduate of a technical degree or certification program from a Technical Boot Camp, Apprenticeship, Community College or 4-Year University
- You have knowledge of IT systems, networking concepts, TCP/IP protocols, network devices and applications, OSI 7-layer model, or code development
- You have a desire and passion for Information Security and willingness to learn and teach yourself tough concepts
- You are able to work well in small dynamic teams and balance multiple responsibilities
- You have the ability and desire to work on collaborative teams across the US
- You possess excellent written and verbal skills
- Eligible to start July/August 2022
- Able to legally live and work in the country for which you’re applying, without visa support or sponsorship
#WeAreCisco, where each person is unique, but we bring our talents to work as a team and make a difference powering an inclusive future for all.
We embrace digital, and help our customers implement change in their digital businesses. Some may think we’re “old” (36 years strong) and only about hardware, but we’re also a software company. And a security company. We even invented an intuitive network that adapts, predicts, learns and protects. No other company can do what we do – you can’t put us in a box!
But “Digital Transformation” is an empty buzz phrase without a culture that allows for innovation, creativity, and yes, even failure (if you learn from it.)
Day to day, we focus on the give and take. We give our best, give our egos a break, and give of ourselves (because giving back is built into our DNA.) We take accountability, bold steps, and take difference to heart. Because without diversity of thought and a dedication to equality for all, there is no moving forward.
So, you have colorful hair? Don’t care. Tattoos? Show off your ink. Like polka dots? That’s cool. Pop culture geek? Many of us are. Passion for technology and world changing? Be you, with us!