Information Security Engineer

Who We Are

The name ThousandEyes was born from two big ideas: the power to see things not ordinarily possible and the ability to collect insights from a multitude of vantage points. As organisations rely more on cloud services and the Internet, the network has become a black box they can't understand. Our Internet and cloud intelligence platform delivers the only collectively powered view of the Internet, cloud and SaaS platforms, helping enterprises and service providers work together to identify problems before it impacts revenue, damages brand reputation, or halts employee productivity.

In August 2020, Cisco Systems completed the acquisition of ThousandEyes, which now forms the ThousandEyes Business Unit within Cisco’s Network Services Business Group, and is a foundational component of Cisco’s growing Observability business.

About the Role

We're looking for a passionate Information Security Engineer that can support ThousandEyes information security and privacy compliance initiatives, drive continuous improvement of our control environment and internal processes, and ensure that products and services meet and exceed ongoing industry standards.  You will work cross-organizationally to ensure the success of the information security risk management program.  We are looking for an individual that will be aggressive in following up on tasks, achieving deadlines, and holding resource owners accountable to risk remediation plans.

Responsibilities:

• Perform risk assessments to determine if new projects and deployments are aligned with regulatory requirements, industry standards, and best practices and comply with corporate information security and privacy policies
• On-going project/program management of information security risk management activities (including risk treatment plans and external audit/certification initiatives such as SOC2, ISO 27001 and FedRAMP)
• Plan and perform internal security and privacy audits to assess control design and effectiveness
• Report on the status of compliance activities and develop metrics around the risk remediation program
• Manage incoming and outgoing customer security and privacy information requests and questionnaires
• Communicate with company workers on security awareness topics
• Support, exhibit and grow corporate culture that is committed to information security best practices
• Participate in 24x7 Information Security Response team

Requirements:

• Knowledge of ISO 27001, FISMA, NIST and CSA CCM frameworks, as well as global data protection and privacy laws
• Strong understanding of technologies and controls including those related to AWS security
• Experience with fast paced work environments; strong time management skills
• Action oriented with a passion for getting things done quickly, efficiently, and properly
• Ability to work effectively with diverse teams across geographic and organizational boundaries
• BA/BS degree in Computer Science or a related field and a minimum of 2 years experience in information security

A plus if you also have:

• Hands-on experience with FedRAMP, SOC2 and/or ISO certification engagement
• Technical working knowledge of AWS security controls, IAM, Container technologies and microservice architecture
• Security certifications such as CISSP, CISM, CCSP, GSEC, AWS Security
• Compliance and risk program management experience

Cisco is an Affirmative Action and Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, colour, religion, gender, sexual orientation, national origin, genetic information, age, disability, veteran status, or any other legally protected basis. Cisco will consider for employment, on a case by case basis, qualified applicants with arrest and conviction records. 

We Are Cisco

#WeAreCisco, where each person is unique, but we bring our talents to work as a team and make a difference. Here’s how we do it.

We embrace digital, and help our customers implement change in their digital businesses. Some may think we’re “old” (30 years strong!) and only about hardware, but we’re also a software company. And a security company. An AI/Machine Learning company. We even invented an intuitive network that adapts, predicts, learns and protects. No other company can do what we do – you can’t put us in a box!

But “Digital Transformation” is an empty buzz phrase without a culture that allows for innovation, creativity, and yes, even failure (if you learn from it.) 

Day to day, we focus on the give and take. We give our best, we give our egos a break and we give of ourselves (because giving back is built into our DNA.) We take accountability, we take bold steps, and we take difference to heart. Because without diversity of thought and a commitment to equality for all, there is no moving forward.

So, you have colorful hair? Don’t care. Tattoos? Show off your ink. Like polka dots? That’s cool.