Job Closed

This listing is no longer active.

Cisco

Cisco is a publicly-traded, award-winning global technology solutions firm. Established in 1984 by a group of Stanford University computer scientists, Cisco has

Security Research Engineering Technical Leader

Location

United States

Posted

14 days ago

Salary

$163.6K - $303.1K / year

Seniority

Mid Level

Job Description

Role Description

This is a fully remote role based in the United States. As a member of Talos, you will support cutting-edge detection and mitigation technologies. You will work towards keeping yourself abreast of the latest industry threat creation and defense techniques, and you will develop proof-of-concept solutions, provide domain expertise, and guide implementation to facilitate successful security posture in Cisco’s products. If you enjoy vulnerability research, crash analysis, reverse engineering, and researching new techniques and writing tools to automate these tasks, this job is for you!

Your Impact

- Security research including development of tools for vulnerability analysis and mitigation.
- Development of static and run-time analysis tools to figure out root cause and input conditions related to a vulnerability.
- Vulnerability triage and proof of concept exploit development to support the creation of detection content.
- Write detailed technical reports, summaries, and testing methodologies.
- Research emerging technologies, protocols, and testing methodologies.
- Develop proof of concept exploits for testing vulnerability mitigations.
- Perform patch analysis to find and trigger vulnerabilities.
- Reverse engineer binary applications, protocols, and formats.
- Analyze vulnerabilities and emerging security threats and technologies.
- Provide critical security-focused expertise to engineering organizations.

Qualifications

- 3+ years of experience in vulnerability research or a closely related area such as exploit or mitigation development on Linux Systems.
- 3+ years’ experience with C/C++, and a scripting language (e.g., Python), and assembly (e.g., x86/x64, ARM, etc.).

Requirements

- Bachelor’s degree or equivalent in Computer Science, Electrical Engineering, Cyber Security, or other tech-related degree.
- Experience with Linux internals.
- Experience with binary auditing and reverse engineering, and with related tools such as IDA Pro, Binary Ninja, Ghidra, etc. and with plugin development.
- Experience with common vulnerabilities and methods of exploitation, such as memory corruption, web application exploitation, file format vulnerabilities, protocol-based weaknesses, etc.
- Knowledge of common file formats, network protocol structures, and enterprise networking architecture.
- Ability to work independently with minimum supervision and to tackle additional tasks as the need arises.

Benefits

- Medical, dental and vision insurance.
- 401(k) plan with a Cisco matching contribution.
- Paid parental leave.
- Short and long-term disability coverage.
- Basic life insurance.
- 10 paid holidays per full calendar year, plus 1 floating holiday for non-exempt employees.
- 1 paid day off for employee’s birthday, paid year-end holiday shutdown, and 4 paid days off for personal wellness determined by Cisco.
- Non-exempt employees receive 16 days of paid vacation time per full calendar year, accrued at rate of 4.92 hours per pay period for full-time employees.
- Exempt employees participate in Cisco’s flexible vacation time off program, which has no defined limit on how much vacation time eligible employees may use (subject to availability and some business limitations).
- 80 hours of sick time off provided on hire date and each January 1st thereafter, and up to 80 hours of unused sick time carried forward from one calendar year to the next.
- Additional paid time away may be requested to deal with critical or emergency issues for family members.
- Optional 10 paid days per full calendar year to volunteer.
- Employees may be eligible to receive grants of Cisco restricted stock units, which vest following continued employment with Cisco for defined periods of time.

More Security Engineer Jobs

• Own the full RMF lifecycle from system categorization through ATO and continuous monitoring
• Author and maintain SSPs, POA&Ms, SARs, and SCTM documentation
• Coordinate with government AOs, SCAs, and ISSOs across programs
• Manage NIST SP 800-53 control implementation, testing, and evidence collection
• Govern the security posture of AI and ML systems operating within classified enclaves
• Assess novel risks introduced by LLMs and agentic workflows in DoW environments
• Apply DISA STIGs and DoW cloud SRG requirements across IL4–IL6 deployments
• Support JSIG and ICD 503 requirements where SAP/SCI accreditation applies
• Interpret evolving guidance — CMMC 2.0, NSM-8, DoW AI Ethics Principles — and translate into action before it becomes mandatory
• Define security approval pathways for AI tools where none yet exist
• Build lightweight security review processes that enable engineering teams rather than blocking them
• Serve as the primary liaison with government ISSOs, AOs, and DCSA representatives
• Communicate risk clearly to non-security audiences including engineers and program leads
• Mentor junior ISSOs and build security-awareness culture across the organization

United States
Contract | Remote | Team 11-50 | H1B No Sponsor

• Design, deploy, and manage enterprise network security solutions
• Configure and administer Fortinet, SonicWall, and Palo Alto firewalls
• Implement and maintain VPNs, IPS/IDS, web filtering, NAT, ACLs, and segmentation policies
• Monitor security events using SIEM, XDR, and SOC monitoring platforms
• Investigate security incidents, perform threat analysis, and support incident response activities
• Manage firewall policies, security rules, and compliance controls
• Implement Zero Trust Network Access (ZTNA) and identity-based security controls
• Support cloud security initiatives across AWS, Azure, and hybrid infrastructure
• Configure and support SD-WAN and Secure Access Service Edge (SASE) solutions
• Conduct vulnerability assessments and remediation activities
• Collaborate with infrastructure, cloud, and application teams to secure enterprise environments
• Maintain security documentation, diagrams, SOPs, and audit records
• Participate in on-call rotations and critical incident handling

India
Full Time | Remote | Team 5,001-10,000 | Since 2011 | H1B Sponsor

• Develop and maintain a comprehensive understanding of CrowdStrike's hybrid networks spanning public cloud (AWS, GCP, Azure) and physical data centers, continuously assessing attack surface and identifying security gaps.
• Design and architect new network connection patterns and zone segmentation strategies that reduce risk while enabling product scalability.
• Build scalable monitoring, alerting, and automation solutions targeting network security risks across a fast-moving, dynamic environment.
• Lead threat modeling efforts focused on network architecture, data flows, and connectivity patterns across platform services.
• Evaluate current threat landscape and business priorities to effectively sequence and drive the highest-impact security improvements.
• Lead complex, cross-team security initiatives with broad impact across the product group.
• Contribute to medium-term strategic direction for network security; proactively identify areas of greatest need and develop actionable plans to address them.
• Provide architectural and design expertise that accounts for the broader platform picture, not just point-in-time solutions.
• Serve as an internal authority on network security architecture within CrowdStrike's product organization.
• Volunteer for and lead working groups and initiatives that have impact at the Product team level or broader industry level.
• Partner closely with product engineering, infrastructure, and platform teams to understand scaling requirements and translate them into secure-by-design network architectures.
• Work across organizational boundaries to facilitate alignment on security requirements, driving consensus on complex and ambiguous problems.
• Clearly communicate decisions and architectural direction to both technical and non-technical stakeholders once alignment is reached.
• Serve as a role model for security culture and best practices within your functional area.
• Multiply the effectiveness of the broader team by facilitating cross-team knowledge sharing and collaboration.
• Guide and develop technical talent through coaching, code reviews, and architectural deep-dives.
• Contribute to the growth of the security organization by mentoring team members and helping refine technical interviewing standards.

United States
$160K - $250K / year

Security Engineer

Voltus

Better Energy, More Cash.

Full Time | Remote | Team 201-500 | H1B Sponsor

• Build detections and security signal pipelines in Datadog.
• Serve as the subject matter expert on AWS Cloud and on-prem infrastructure security.
• Define and set up AWS and on-prem Security Monitoring/Best Practices Strategy.
• Act as the technical lead during security incidents, including investigation and remediation.
• Improve Terraform Modules and Infrastructure as Code (IaC) to follow security best practices.
• Develop and implement a vulnerability monitoring strategy and integrate it into CI/CD pipelines.
• Build security automation using Python, scripting, and APIs.
• Partner with Infrastructure on AWS security engineering, including IAM, KMS, and network segmentation.
• Operate SOC 2 Type 2 evidence collection and audit response.
• Drive ISO 27001 implementation work, including risk assessments and control mapping.
• Ensure infrastructure compliance with regulatory requirements.
• Run vendor and subprocessor risk reviews.
• Respond to customer security questionnaires and external inquiries.
• Mentor and enable other team members to improve their security posture.

United States
$140K - $160K / year