Information Security Engineer (Remote)

New York, Remote US

ThousandEyes, Inc.

ThousandEyes monitors network infrastructure, troubleshoots application delivery and maps Internet performance, all from a SaaS-based platform.

View company page

About ThousandEyes

The name ThousandEyes was born from two big ideas: the power to see what’s not ordinarily possible, and the ability to collect intelligence from vantage points as diverse and global as the Internet. As organizations depend on cloud services, the Internet has become their defacto network connecting cloud applications to users. Our Internet and cloud intelligence platform is like a ‘Google maps of the Internet’, providing the only collectively powered view of digital experiences end-to-end. We enable our customers made up of the world’s largest and fastest-growing brands, to identify problems before they impact revenue, brand reputation, or employee productivity.

In August 2020, Cisco Systems completed the acquisition of ThousandEyes, which now forms the ThousandEyes Business Unit within Cisco’s Network Services Business Group, and is a foundational component of Cisco’s growing Observability business.

 

About The Role

ThousandEyes is seeking an exceptional information security engineer with strong project management skills to support our Information Security and Privacy Risk Management function. This is a combination of project/program management and risk analysis: a hands-on role that requires experience and expertise managing projects and processes related to security of networks, systems and applications. The Information Security Risk Management team is responsible for managing and mitigating risks faced by ThousandEyes to protect its systems, services and data. Our scope includes everything from customer applications to enterprise services that support our business operations. We work cross-functionally with internal teams providing security consulting services while driving new program initiatives. You should be strongly driven and excited about learning new processes. You will be collaborating with ThousandEyes’ project teams to ensure the success of the information security risk management program. We are looking for an information security engineer / project manager that will be aggressive in following up on tasks, achieving deadlines, and holding resource owners accountable to risk remediation plans. The security engineer role will be highly engaged with all aspects of the risk assessment process. A successful candidate will need strong project management fundamentals and excellent communication skills.

What you’ll do:

  • Assess information security risks of new projects and deployments (this will require practical use and understanding of advanced security protocols and standards, and solid knowledge of information security principles and practices)
  • Project/program management of information security risk management activities (including risk treatment plans and external audit/certification initiatives such as SOC2, ISO 27001 and FedRAMP)
  • Plan and perform internal security audits to assess control design and effectiveness
  • Participate in supporting major external security certification and compliance attestation
    initiatives
  • Communicate with company workers on security awareness topics
  • Evangelize project owners to do the right thing using diplomacy & tact in all interactions
  • Participate in 24x7 Information Security Response team

Requirements:

  • Highly organized with excellent verbal and written communication skills
  • A firm understanding of technologies and controls including those related to system,
    networking, and web application security
  • A working knowledge of Docker is absolutely necessary
  • Day-to-day general knowledge of managing architecture with Terraform
  • Proven experience working with a major cloud provider (AWS, GCP, Azure)
  • Experience with multi-tasking and fast paced work environments is needed; strong time
    management skills
  • Action oriented with a passion for getting things done quickly, efficiently, and properly
  • Ability to work independently with minimal guidance while being a team player able to
    effectively manage a demanding workload across geographic and organizational
    boundaries
  • Strong customer service and service delivery orientation
  • Experience creating or maintaining networking, automation, and/or API-focused bash or
    python programs
  • BA/BS degree in Computer Science or a related field and a minimum of four (4) years
    experience in information security and/or IT project management

A big plus if you have:

  • Advanced working knowledge of any Linux OS & critical network protocols, web security architecture (nginx, apache), and/or Firewalls, IAM, IDS/IPS, SIEM, Cryptography
  • Proven experience performing or project managing information security risk assessments
  • Proven experience with code-review and/or relatable integration testing
  • Experience deploying, securing, & maintaining Kubernetes
  • Certification for an applicable vulnerability management tool
  • Certification for instruction detection systems
  • Knowledge of ISO 27001, SOC2, FedRAMP, NIST and CSA CCM frameworks, as well as global data protection and privacy laws
  • Hands-on experience with FedRAMP, SOC2 and/or ISO certification engagements
  • Security certifications such as CISSP, CISM, CCSP, GSEC, CCIE, OSCP, OSWE
  • Project management certifications such as PMP

Cisco is an Affirmative Action and Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, national origin, genetic information, age, disability, veteran status, or any other legally protected basis. Cisco will consider for employment, on a case by case basis, qualified applicants with arrest and conviction records. 

 

Why Cisco

#WeAreCisco, where each person is unique, but we bring our talents to work as a team and make a difference powering an inclusive future for all.

We embrace digital, and help our customers implement change in their digital businesses. Some may think we’re “old” (36 years strong) and only about hardware, but we’re also a software company. And a security company. We even invented an intuitive network that adapts, predicts, learns and protects. No other company can do what we do –you can’t put us in a box! But “Digital Transformation” is an empty buzz phrase without a culture that allows for innovation, creativity, and yes, even failure (if you learn from it.)

Day to day, we focus on the give and take. We give our best, give our egos a break, and give of ourselves (because giving back is built into our DNA.) We take accountability, bold steps, and take difference to heart. Because without diversity of thought and a dedication to equality for all, there is no moving forward.

So, you have colorful hair? Don’t care. Tattoos? Show off your ink. Like polka dots? That’s cool. Pop culture geek? Many of us are. Passion for technology and world changing? Be you, with us.

 

We recognize that diverse teams make the strongest teams, and we encourage people from all backgrounds to apply.

 

Cisco COVID-19 Vaccination Requirements

The health and safety of Cisco's employees, customers, and partners is a top priority. Our goal is to protect and mitigate the spread of COVID-19 infection for strong business resiliency during the pandemic. Therefore, Cisco may require new hires to be fully vaccinated against COVID-19 if the role requires business-related travel, meeting with customers/partners (including visiting third-party sites on behalf of Cisco), attending trade events, and Cisco office entry, unless otherwise prohibited by applicable law, and in countries where COVID-19 vaccination is legally required. The company will consider legally required accommodations/exceptions for medical, religious, and other reasons as per the requirements of the role and in accordance with applicable law. Additional information will be provided to candidates about the requirements and accommodation process at the offer time based on region.

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Tags: APIs Application security Audits Automation AWS Azure Bash CCSP CISM CISSP Cloud Compliance Computer Science Cryptography Docker FedRAMP Firewalls GCP GSEC IAM IDS IPS ISO 27001 Kubernetes Linux Nginx NIST OSCP OSWE Privacy Python Risk analysis Risk assessment Risk management SIEM SOC 2 Terraform Vulnerability management

Perks/benefits: Flex vacation Team events

Regions: Remote/Anywhere North America
Country: United States
Job stats:  35  7  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.