What You’ll Do
The Cisco CSIRT forms part of the investigative branch of Cisco's Security and Trust Organization (S&TO), and is Cisco's cyber investigations and forensics team. It provides Cisco with tailored security monitoring services in order to protect Cisco from cyber attacks and the loss of its intellectual assets. The primary mission of CSIRT is to help ensure company, system, and data preservation by performing comprehensive investigations into computer security incidents, and to contribute to the prevention of such incidents by engaging in proactive threat assessment, mitigation planning, incident trend analysis, and security architecture review.
Who You’ll Work With
The CSIRT investigators are a highly-functioning, diverse, and globally distributed group of seasoned professionals from various technical backgrounds. We're Open Source Software contributors, technical authors, tool builders, DFIR community members, lock pickers, makers, and breakers.
This is an opportunity to contribute to a highly visible security operations function with global impact upon Cisco, its subsidiaries, business units, service ventures, partners, and customers. Top-tier system, network, and database administrators make phenomenal security investigators, whether they realize it or not. We are looking for a motivated individual with good team fit.
Who You Are
- Develop and deploy new technologies as needed to support business objectives
- Design and implement new detection technologies
- Collaborate with engineers in CSIRT and InfoSec to enhance, improve, or modify enterprise and cloud (IaaS, SaaS) based security detection and response
- Update, modify, and enhance existing programs
- Develop documentation on all custom solutions
- Regularly view and verify existing metrics to ensure accuracy and quality
- Annotate existing metrics to improve user understanding of the meaning of metrics
- Superb communication (verbal and written) skills
- Deep understanding in a variety of operating systems, languages, databases, data types, security fundamentals, and attack techniques
- Some scripting/coding abilities
- A solid grasp of networking and core Internet protocols (e.g. TCP/IP, DNS, SMTP, HTTP, and distributed networks)
You may have:
- Experience with Linux/UNIX systems and the best practices for deploying applications to those stacks
- Experience with infrastructure-as-a-Service platforms (OpenStack, Amazon Web Services, Rackspace, VMware, etc.)
- Agility and willingness to deal with a high level of ambiguity, change, and pressures of high profile incidents
- Flexibility - willingness to pitch in where needed across program and team
- Strong leadership, influence and teamwork skills; sound problem resolution, judgment, negotiating and decision-making skills
- Global teaming, cultural, and influence skills and ability to focus the team to deliver to tight timelines and ability to multi-task
At Cisco, each person brings their unique talents to work as a team and make a difference.
Yes, our technology changes the way the world works, lives, plays and learns, but our edge comes from our people.
- We connect everything - people, process, data and things - and we use those connections to change our world for the better.
- We innovate everywhere - From launching a new era of networking that adapts, learns and protects, to building Cisco Services that accelerate businesses and business results. Our technology powers entertainment, retail, healthcare, education and more - from Smart Cities to your everyday devices.
- We benefit everyone - We do all of this while striving for a culture that empowers every person to be the difference, at work and in our communities.
Colorful hair? Don’t care. Tattoos? Show off your ink. Like polka dots? That’s cool. Pop culture geek? Many of us are. Be you, with us! #WeAreCisco