Information Security Risk Manager - CPX Engineering

Job Description

Who We AreCisco s Customer Experience (CX) organization is one of our fastest growing teams, and the CX Engineering & Product Incubation organization is redefining how Cisco delivers value to our customers & partners via our product portfolio. This team is charged with securing the offerings from CX Engineering & Product Incubation.What Youll Do

• You provide advice and mentorship on a wide variety of information security issues, concerns, and problems and ensure that all development of applications and processes include adequate control measures. You will gain widespread support of and compliance with security requirements.
• You identify, analyze and report information risks to all required levels of management, ensuring clear and directed communication appropriate for the audience so that they fully understand the risks and risk management options and are able to make risk-aware decisions.
• You guide company employees at all levels to make decisions while in consideration of security risks, offering mitigating strategies as appropriate to the business area and overall risk tolerance levels. You further ensure that the proper parties are engaged to assist in implementing security controls determined to be appropriate for mitigating the posed risks.
• You are also familiar with corporate obligations, including prevailing laws, organizational culture, management style, and business activities.

Key Responsibilities

• Act as the primary security point of contact for projects and initiatives
• Provides expertise and information risk control consultation
• Regularly consults with business leaders and product owners to understand security needs and impacts of security decisions on business processes as well as to communicate risks
• As part of project development or business application or process improvement, assists in the development of efficient and practical information security systems, procedures and controls
• Participates as a technical advisor for a variety of ad-hoc security projects
• Designs and implements a coordinated risk management approach that applies operating controls to manage information security risks
• Implements information security policies, standards, and other requirements
• Guides staff in their efforts to develop applications maintaining secure coding practices and interpret the output of code analysis tools
• Addresses information security related issues and findings, ensuring that remedial actions as well as long term solutions are executed to mitigate the underlying risks

Who Youll Work WithYoull be part of an innovative security team redefining the way that Cisco protects data stored in the cloud. This team is passionate about security and applies savvy risk-based thinking to build the best outcomes for our customers.Youll work with other teams within CX Engineering, such as top skilled cloud operations, application, and platform engineers. Youll also work closely with other security professionals across Cisco to implement a new way to secure the Cloud.Who You Are

• You possess a Masters degree (BS/BA with additional experience will be considered), and at least 7 years of security experience, with a passion for information risk management and balancing controls with business needs.
• You have deep technical expertise, you thrive by applying this expertise to gain support and understanding from developers, product owners, and business leaders. Youre good at working with people of all backgrounds and helping them be successful while improving security.
• You have experience securing Cloud systems. You enjoy mentoring technical personnel. Youre passionate about applied security risk management.
• You bring deep knowledge of technical control mechanisms, authentication and authorization methodologies, DevSecOps, and industry security standards such as NIST, ISO, FedRAMP, and others. You may have one or more security certifications, particularly those with a Cloud focus (CISSP, CCSP, AWS Cloud certifications, etc.).

You Are Highly Capable Of

• Optimally communicating complex technical ideas to peers, executives, and customers.
• Youre the perfect balance of advanced technical knowledge and strategic business acuity who is good with engaging with senior-level decision makers to convey business value of security.
• Youre a strong leader who holds yourself and others accountable to deliver excellent results with little mentorship.
• You view security as a service.
• You show full dedication to customer happiness, out-of-the-box thinking, analytical reasoning, and creative problem solving skills.
• You have a keen ability to switch from high-level thinking to realistic and pragmatic execution.

Why Cisco#WeAreCisco, where each person is unique, but we bring our talents to work as a team and make a difference powering an inclusive future for all.We embrace digital, and help our customers implement change in their digital businesses. Some may think we re old (36 years strong) and only about hardware, but we re also a software company. And a security company. We even invented an intuitive network that adapts, predicts, learns and protects. No other company can do what we do you can t put us in a box!But Digital Transformation is an empty buzz phrase without a culture that allows for innovation, creativity, and yes, even failure (if you learn from it.)Day to day, we focus on the give and take. We give our best, give our egos a break, and give of ourselves (because giving back is built into our DNA.) We take accountability, bold steps, and take difference to heart. Because without diversity of thought and a dedication to equality for all, there is no moving forward.So, you have colorful hair Don t care. Tattoos Show off your ink. Like polka dots That s cool. Pop culture geek Many of us are. Passion for technology and world changing Be you, with us!,

Keyskills :
risk managementbankingriskcustomer relationscompliancecreative problem solvingpop culturerisk controlsecurity risksecure codinggrowing teamsproblem solvingsecurity systems