The successful applicant will be performing work in FedRAMP High or IL-5 environments, and therefore, must be a U.S. Person (i.e. U.S. citizen, U.S. national, lawful permanent resident, asylee, or refugee). This position may also perform work that the U.S. government has specified can only be performed by a U.S. citizen on U.S. soil.

Application window is expected to close on 9/27/24

 

WHO WE ARE
In today's dynamic digital environment, security is everyone's job. At Cisco, the Security and Trust Organization is at the core of making infrastructure more secure. Your involvement in this strategic and quality focused team will enable you to be part of one of Cisco's major objectives - to be the Number 1 Trusted Business partner to our customers. 
The organization reports to Cisco's Chief Security and Trust Officer and owns the innovation, training, and implementation of security and trust features and processes across all of our products. 

WHO YOU’LL WORK WITH 
The Global Cloud Compliance (GCC) group within the STO is responsible to drive Compliance certifications across Cisco. This team is responsible for enabling and protecting Cloud sales for our Commercial customers, US Government and Federal agencies, as well as many international standards bodies. 

WHO YOU ARE
As a Compliance Specialist within the GCC group, your primary role requires an in-depth understanding of various security certification frameworks like FedRAMP, CMMC, StateRAMP, TX-RAMP and others. You will be reporting into the GCC leadership and will help craft, govern, and evolve and a common control's strategy for Cisco. 

WHAT YOU'LL DO:

Regularly Audit network/IT environment for compliance to Policy and associated SOP - Weekly/Daily reporting of internal high-risk systems, outstanding remediation, and mitigation activities,Assist in development of Plan of Action and Milestones (POA&M) and, compliance.Assist with POA&M management, mitigation statement formulation, with system administrators to resolve open findings of high- and at-risk systems.Support Validation of IT security architecture for compliance.Assist in compliance reporting for the Information Assurance Vulnerability Management (IAVM) program.Conduct Incident Response and forensic analysis when vitalAssist in management of the assessment/authorization program for On-prem and cloud systems.Coordinates with stakeholders to communicate status and action items for systems in process.Develops and maintains relevant documentation for supported systems.Coordinates Annual ReviewsSupports/Performs assessment of FedRAMP and NIST 800-53 controlsCoordinate with Threat Management Branch for Technical AssessmentResearch security standards/tools; review or conduct system security and vulnerability assessments of cloud and on-prem environments in a fast-paced, demanding environment.Support development and adoption of innovative methods to achieve compliance with government and commercial cybersecurity frameworks.
MINIMUM QUALIFICATIONS:
5+ years of professional experienceExperience with cyber securityExperience with AWS and/or other cloud environments.Knowledge of one or more Compliance frameworks (e.g., FedRAMP, CMMC, StateRAMP, TX-RAMP, NIST, FISMA, etc.)Knowledge of one or more core IT processes/services such as SDLC, Identity/User Access Management, Vulnerability Management, Backup and Disaster Recovery.
PREFERRED QUALIFICATIONS:
Ability to prioritize in a constantly evolving environment.Ability to balance multiple programs.Ability to partner with and lead others not reporting directly to you.Excellent analytical skillsRelevant certifications like CISA, CISSP, CCSK, etc
Why Cisco? 
#WeAreCisco. We are all unique, but collectively we bring our talents to work as a team, to develop innovative technology and power a more inclusive, digital future for everyone. How do we do it? Well, for starters – with people like you!
Nearly every internet connection around the world touches Cisco. We’re the Internet’s optimists. Our technology makes sure the data traveling at light speed across connections does so securely, yet it’s not what we make but what we make happen which marks us out. We’re helping those who work in the health service to connect with patients and each other; schools, colleges, and universities to teach in even the most challenging of times. We’re helping businesses of all shapes and sizes to connect with their employees and customers in new ways, providing people with access to the digital skills they need and connecting the most remote parts of the world – whether through 5G, or otherwise.
We tackle whatever challenges come our way. We have each other’s backs, we recognize our accomplishments, and we grow together. We celebrate and support one another – from big and small things in life to big career moments. And giving back is in our DNA (we get 10 days off each year to do just that).
We know that powering an inclusive future starts with us. Because without diversity and a dedication to equality, there is no moving forward. Our 30 Inclusive Communities, that bring people together around commonalities or passions, are leading the way. Together we’re committed to learning, listening, caring for our communities, whilst supporting the most vulnerable with a collective effort to make this world a better place either with technology, or through our actions. 
So, you have colorful hair? Don’t care. Tattoos? Show off your ink. Like polka dots? That’s cool. Pop culture geek? Many of us are. Passion for technology and world changing? Be you, with us! #WeAreCisco 
#STO24