Senior Threat Hunting Investigator
Company: Cisco Systems, Inc.
Posted on: September 21, 2023
Texas; California; New York; Massachusetts; Washington; Colorado
Area of Interest Security Compensation Range 121600 USD - 167800
USD Job Type Professional Security Job Id 1406297 The successful
applicant will be performing work in FedRAMP High or IL-5
environments, and therefore, must be a U.S. Person (i.e. U.S.
citizen, U.S. national, lawful permanent resident, asylee, or
refugee). This position may also perform work that the U.S.
government has specified can only be performed by a U.S. citizen on
U.S. soil. Security Visibility and Incident Command (SVIC) is part
of the investigative branch of Cisco's Security and Trust
Organization (S&TO) and serves as Cisco's information security,
cyber investigations, and forensics team. We provide Cisco with
tailored security monitoring services to protect the company from
cyber-attacks and the loss of its intellectual assets. The primary
mission of SVIC is to ensure company, system, and data preservation
by performing comprehensive investigations into computer security
incidents. Our mission also extends to assisting in the prevention
of such incidents by engaging in root cause analysis, dedicated
threat assessment, mitigation planning, and architectural review.
SVIC is a highly skilled, diverse, and globally distributed group
of outstanding professionals from a wide variety of technical
backgrounds. We are open-source software contributors, technical
authors, tool builders, DFIR community members, lock pickers,
makers, and breakers. What You'll Do SVIC is looking for an
experienced security professional to join our Security
Investigations Team, which is our top-tier investigative body. This
is an opportunity to contribute to a highly transparent security
operations function with global impact upon Cisco, its diversified
business, business units, service ventures, partners, and
customers. We are looking for a motivated and experienced security
engineer who thinks like an attacker but has the heart of a
defender. Our investigators thrive on understanding complex systems
and how they can be broken. Additionally, candidates with diverse
technical backgrounds such as system, network, and database
administrators make phenomenal security investigators, whether they
realize it or not. As a great candidate for this role, you have a
strong interest in complex problem solving, with an ability to
challenge assumptions and consider alternative perspectives. You
are forward-thinking and act as the voice of reason and calm during
high-stakes situations, while operating exceedingly well in a
strong, tight-knit, collaborative team environment. Role &
- Respond to and investigate computer security incidents,
assessing the scope of impact and guiding the teams involved in the
investigation to containment and resolution.
- Communicate incident root cause analysis with management and
- Research and deploy new technologies as needed to support
business objectives related to security detection, threat hunting,
forensics and response.
- Collaborate with data source SMEs in SVIC and InfoSec to
enhance, improve, or modify cloud based security detection and
- Continuously strive to improve processes for high-accuracy
attack detection and response as attacker tactics and techniques
evolve, setting our SOC Analysts up for success.
- Apply and cultivate your expertise in the subject areas you are
passionate about, to guide SVIC towards better ways of doing
- Represent SVIC in collaboration with our industry peers and in
trusted working groups
- Participate in a follow-the-sun on-call rotation.
- As a senior member of SVIC, guide and mentor our security
analysis / detection engineers. Who you are:
- Superb communication (verbal and written) skills.
- A practiced ability to influence peers, customers and project
teams to make security minded decisions and changes.
- Good technical skills in a variety of operating systems and
databases, with proficiency in data querying and data
- Reasonable scripting/coding abilities and an eye for automation
- A solid grasp of networking and core Internet protocols (e.g.
TCP/IP, DNS, SMTP, HTTP, and distributed networks).
- Experience with Linux/UNIX systems and the standard
methodologies for deploying applications to those stacks.
- Experience working with Infrastructure-as-a-Service platforms
(OpenStack, Amazon Web Services, Rackspace, VMware, etc.)
- Agility in dealing with various types of security incidents and
a curiosity to learn about the tools and technologies
- Flexibility - willingness to pitch in where needed across
program and team
- Strong leadership, influence and collaboration skills; sound
problem resolution, judgment, negotiating and decision-making
- US Citizenship or green card required Why Cisco? At Cisco, each
person brings their unique talents to work as a team and make a
difference. Yes, our technology changes the way the world works,
lives, plays and learns, but our edge comes from our people. We
connect everything - people, process, data and things - and we use
those connections to change our world for the better. We innovate
everywhere - From launching a new era of networking that adapts,
learns and protects, to building Cisco Services that accelerate
businesses and business results. Our technology powers
entertainment, retail, healthcare, education and more - from Smart
Cities to your everyday devices We benefit everyone - We do all of
this while striving for a culture that empowers every person to be
the difference, at work and in our communities. Cisco is proud to
be an Affirmative Action and Equal Opportunity Employer. All
qualified applicants will receive consideration for employment
without regard to race, color, religion, gender, sexual
orientation, national origin, genetic information, age, disability,
veteran status, or any other legally protected basis. We will
ensure that individuals with disabilities are provided reasonable
accommodation to participate in the job application or interview
process, to perform essential job functions, and to receive other
benefits and privileges of employment. Please contact us to request
accommodation. Benefits and Perks We strive to keep our teams happy
and healthy. Many roles have the option to be Remote or Hybrid.
Cisco provides competitive pay, excellent medical, dental and
vision coverage, 401(k) match, 20 days of paid time off plus
holidays, support for parents and paid time to volunteer. Message
to applicants applying to work in the U.S.:
When available, the salary range posted for this position reflects
the projected hiring range for new hire, full-time salaries in U.S.
locations, not including equity or benefits. For non-sales roles
the hiring ranges reflect base salary only; employees are also
eligible to receive annual bonuses. Hiring ranges for sales
positions include base and incentive compensation target.
Individual pay is determined by the candidate's hiring location and
additional factors, including but not limited to skillset,
experience, and relevant education, certifications, or training.
Applicants may not be eligible for the full salary range based on
their U.S. hiring location. The recruiter can share more details
about compensation for the role in your location during the hiring
process.U.S. employees have access to quality medical, dental and
vision insurance, a 401(k) plan with a Cisco matching contribution,
short and long-term disability coverage, basic life insurance and
numerous wellbeing offerings. Employees receive up to twelve paid
holidays per calendar year, which includes one floating holiday,
plus a day off for their birthday. Employees accrue up to 20 days
of Paid Time Off (PTO) each year and have access to paid time away
to deal with critical or emergency issues without tapping into
their PTO. We offer additional paid time to volunteer and give back
to the community. Employees are also able to purchase company stock
through our Employee Stock Purchase Program.Employees on sales
plans earn performance-based incentive pay on top of their base
salary, which is split between quota and non-quota components. For
quota-based incentive pay, Cisco pays at the standard rate of 1% of
incentive target for each 1% revenue attainment against the quota
up to 100%. Once performance exceeds 100% quota attainment,
incentive rates may increase up to five times the standard rate
with no cap on incentive compensation. For non-quota-based sales
performance elements such as strategic sales objectives, Cisco may
pay up to 125% of target. Cisco sales plans do not have a minimum
threshold of performance for sales incentive compensation to be
paid. Sign up to receive notifications of similar jobs
Keywords: Cisco Systems, Inc., Washington DC , Senior Threat Hunting Investigator, Other , Washington, DC
Didn't find what you're looking for? Search again!