Key skills
Security engineeringCloud-native environmentsAWSAzureGCPInfrastructure-as-codeTerraformAnsibleSecurity compliance frameworksSOCISOPythonGoBash scriptingCompliance-as-CodeCCSP certificationCCSK certificationOSCP certificationSIEM engineeringSOAR engineeringIncident response automationZero trust architectureMicro-segmentationIdentity and Access ManagementPrivileged Access ManagementVulnerability managementRisk assessmentBashIAMCI/CDZero Trust
About this role
Cisco is a leading technology company that focuses on innovative solutions for data and infrastructure. They are seeking a Senior Security Engineering & Compliance Lead to manage the implementation of security frameworks and automate compliance processes while bridging the gap between technical infrastructure and regulatory requirements.
Responsibilities:
- Architect Compliance-as-Code: Design and implement automated controls to satisfy security compliance requirements, reducing manual evidence collection through system integration
- Audit Readiness Engineering: Conduct technical gap assessments of infrastructure and applications; design remediation plans that integrate directly into the CI/CD pipeline
- Evidence Orchestration: Build and maintain automated data pipelines to provide real-time visibility into control effectiveness for auditors and stakeholders
- Detection Engineering: Oversee security alert queues, prioritizing high-severity risks and engineering automated response playbooks to resolve incidents
- Incident Simulation: Facilitate and document technical incident response tabletop exercises, using the findings to engineer more resilient system architectures and automated recovery processes
- Documentation as Code: Maintain technical documentation and incident logs that serve as the "source of truth" for audit requirements
- IAM Hardening: Engineer and enforce automated user access reviews and segregation-of-duties (SoD) testing
- Privileged Access Management (PAM): Audit and optimize privileged account controls, implementing technical guardrails to minimize the blast radius of unauthorized access
- Vulnerability Lifecycle Management: Perform deep-dive vulnerability analyses on enterprise infrastructure; engineer automated patch management and configuration hardening workflows
- Risk-Based Prioritization: Quantify business impact through technical risk assessments, collaborating with engineering teams to implement corrective technical controls rather than just policy-based fixes
Requirements:
- Bachelor's degree in Computer Science, Cybersecurity, or related technical field with 8+ years of experience; or a Master's degree with 6+ years
- Experience with security engineering in cloud-native environments (AWS/Azure/GCP) and infrastructure-as-code (Terraform/Ansible)
- Experience working with technical security controls and regulated compliance frameworks such as SOC, ISO, etc
- Python, Go, or Bash scripting/programming for security automation or log analysis
- Hands-on experience building 'Compliance-as-Code' solutions
- Certifications such as CCSP, CCSK, OSCP, cloud or security specific certifications
- Experience with SIEM/SOAR engineering and automated incident response orchestration
- Strong understanding of zero trust architecture and micro-segmentation engineering