Key skills
PythonPowerShellAIAgenticAWSAzureGCPTerraformAnsibleAzure ADEntra IDOktaActive DirectorySSOSplunkChange ManagementCloud SecurityZero Trust
About this role
Cisco is transforming to become the world's leading security company. As a Senior Security Engineer, you will operate and optimize complex Active Directory environments, collaborate on security guardrails, and manage automation for directory services and authentication capabilities.
Responsibilities:
- Operate, troubleshoot, and optimize large-scale, complex Active Directory environments (multi-forest, multi-site, hybrid)
- Maintain and enhance Entra ID (Azure AD) multi-tenant environments, integrating with on-premises and cloud services
- Collaborate in the design and rollout of security guardrails for directory services and privileged access, both on-prem and in the cloud
- Develop, implement, and manage automation/scripts (PowerShell, Python, etc.) for routine operations and self-service enablement, leveraging generative and agentic AI technologies when appropriate
- Participate in a rotating On-Call schedule to ensure 24/7 operational coverage
- Partner with cross-functional teams to support incident response, change management, and audits
- Drive adoption of modern security frameworks, including Zero Trust and least privilege principles
Requirements:
- Bachelor's degree in Computer Science, Engineering (or related field) or 8–10 years of enterprise IT experience; directory services and privileged access management preferred
- Experience with security guardrails: enforcing LDAPS, disabling legacy protocols, implementing modern encryption and experience with cloud security controls: Conditional Access, risk-based authentication, privileged role management
- Proficient in scripting (PowerShell, Python, etc.) for automation
- Familiarity with SIEM platforms (Splunk or similar) and security monitoring and understanding of Zero Trust and identity-centric security architecture with Deep expertise with multi-forest, multi-site Active Directory operations, troubleshooting, and replication
- Proficient in authentication, authorization, and access control concepts
- Strong knowledge of core networking, virtualization, and cloud concepts (Azure, AWS, GCP) and experience with Entra ID (Azure AD) administration and integration
- Relevant certifications: CISSP, Microsoft Certified: Identity and Access Administrator, Azure Security Engineer, CyberArk Guardian, etc
- Experience supporting application migrations from on-prem to cloud-native environments and supporting large-scale, hybrid or cloud-native environments
- Hands-on experience with attack path analysis frameworks (e.g., Bloodhound Enterprise)
- Experience with System Center (SCOM, SCCM, SCO)
- Experience with other identity and access management platforms (Okta, SailPoint, Ping)
- Familiarity with Zero Trust, SSO, FIDO2/WebAuthn implementations
- Experience with infrastructure as code (Terraform, Ansible) for identity solutions