Key skills
ISO 27001/17/18SOC2C5ENSCISACISSPCCSKCloud platformsVulnerability ManagementIdentityAccess ManagementSecure SDLCBackup/Disaster RecoveryHighly organizedcommunicationAdaptableAWSIAMSDLCProduct ManagementCommunication
About this role
Cisco is a leading technology company focused on building secure infrastructures and fostering customer trust. The role of Commercial and Global Certifications Information Security Engineer involves maintaining compliance certifications for Cisco Cloud offerings and collaborating with various teams to ensure adherence to security and regulatory frameworks.
Responsibilities:
- Support compliance and regulatory audits in Cisco’s compliance portfolio
- Analyze the current state of compliance at Cisco and find opportunities to reduce compliance overhead and cost
- Collaborate with a team of information security engineers to develop and execute common control strategies, ensuring internal readiness for certification
- Drive implementation and adoption of centralized compliance program management methodologies, audit execution process efficiencies and tooling, and consistency in program execution across the portfolio
- Serve as a subject matter expert for relevant security compliance frameworks, providing guidance and expertise to Cisco Business Unit (BU) partners, and influence BU partners to improve security and control implementation and operation
- Work with CloudARC leaders and Product Management to develop and maintain the Product Compliance calendar for the portfolio of Cisco Cloud offerings
Requirements:
- 8+ years of experience in a security or compliance role
- Deep expertise in regulatory compliance and security frameworks such as ISO 27001/17/18, SOC2, C5, ENS, HIPAA, and similar standards
- Experience partnering with regulators, auditors, and external partners to drive attainment and maintenance of compliance certifications
- Solid understanding of key IT security processes and services, including Secure SDLC, Identity and Access Management (IAM), Vulnerability Management, and Backup/Disaster Recovery
- Highly organized and adaptable, with demonstrated success managing multiple priorities in a fast-paced, evolving environment
- Industry certifications such as CISA, CISSP, CCSK, or equivalent certifications
- Master's degree in Information Security, Computer Science, or related field
- Excellent communication skills, with the ability to collaborate effectively across technical and non-technical teams and influence partners at all levels
- Hands-on experience working with cloud platforms, particularly AWS or other major public cloud service provider environments
- Proven track record in developing, implementing, and maintaining security policies, standards, and control frameworks