Cisco Sr Cloud Technology Compliance Engineer in San Jose, California
In today's dynamic digital environment, security is everyone's job. At Cisco, the Security and Trust Organization is at the core of making infrastructure more secure. Your involvement in this strategic and results-oriented team will enable you to be part of one of Cisco's major objectives - to be the Number 1 Trusted Business partner to our customers.
The organization reports to Cisco's Chief Security and Trust Officer and owns the innovation, training, and implementation of security and trust features and processes across all of Cisco's products.
The Global Cloud Compliance (GCC) group within the STO is responsible to drive Compliance certifications across Cisco. This team is responsible for enabling and protecting Cloud sales for our Commercial customers, US Government and Federal agencies, as well as many international standards bodies.
This team works with Sales and Business Unit partners to insure the accurate security and trust features and functionality are included in new offer releases
As a Senior Cloud Technology Compliance Engineer within the GCC group your primary role requires an in depth understanding of various security certification frameworks like AICPA SOC, ISO27001, PCI, NIST, and others.
This senior level Compliance Engineer will be reporting into the GCC Manager/Sr. Manager and will help craft, govern, and evolve and a common control's strategy for Cisco.
What You’ll Do:
· Design, govern and maintain a set of Common Controls and associate implementation strategy
· Work in partnership with various BU’s to support the adoption and on-boarding of Common Controls
· Assist in designing and maintaining a central ISMS in the STO
· Develop and implement a risk assessment strategy to support security certifications
· Support the development of the security policies, and standards for the certifications
· Liaison with external auditor and other internal teams to support certification audits
· Develop the certification program plan with critical path, financial, resource, material requirements, impacts and mitigation plans
· Identify and drive process improvements
· Assist with & influence the assessment, planning and management of related compliance certification programs.
· Maintain knowledge of security compliance frameworks and processes.
· Support the Controls audits team as controls SME
Who You Are:
Skills needed to succeed:
· 2- 5 years of proven track record in related field
· Hand on experience with AWS and other cloud environments
· Knowledge of Compliance frameworks is a must (e.g. SOC2,FedRAMP, ISO, PCI, HIPAA)
· Knowledge of Core IT processes / services such as SDLC, Identity/User Access management, Vulnerability Management, Backup and DR processes will be useful
· Bachelors / Master’s Degree with a focus in Information Technology / Computer Science or related field
· Excellent communications skill at all levels of the organization
· Ability to prioritize in a fast-changing environment
· Ability to balance multiple programs
· Ability to partner with and lead others not reporting directly to you
· Excellent analytical skills
· It’s critical that the person is a good team-player
· Relevant certifications like CISA, CISSP, CCSK, others, will be a plus.
#WeAreCisco, where each person is unique, but we bring our talents to work as a team and make a difference powering an inclusive future for all.
We embrace digital, and help our customers implement change in their digital businesses. Some may think we’re "old" (36 years strong) and only about hardware, but we’re also a software company. And a security company. We even invented an intuitive network that adapts, predicts, learns and protects. No other company can do what we do - you can’t put us in a box!
But "Digital Transformation" is an empty buzz phrase without a culture that allows for innovation, creativity, and yes, even failure (if you learn from it.)
Day to day, we focus on the give and take. We give our best, give our egos a break, and give of ourselves (because giving back is built into our DNA.) We take accountability, bold steps, and take difference to heart. Because without diversity of thought and a dedication to equality for all, there is no moving forward.
So, you have colorful hair? Don’t care. Tattoos? Show off your ink. Like polka dots? That’s cool. Pop culture geek? Many of us are. Passion for technology and world changing? Be you, with us!
Cisco is an Affirmative Action and Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, national origin, genetic information, age, disability, veteran status, or any other legally protected basis.
Cisco will consider for employment, on a case by case basis, qualified applicants with arrest and conviction records.