• Location:
    Shanghai, China
  • Additional Location(s)
    Hefei, China
  • Area of Interest
    Information Technology
  • Job Type
  • Technology Interest
  • Job Id

What You’ll Do

Cisco is looking for a full time Information Security Analyst for Cisco's global Computer Security Incident Response Team (CSIRT).

This Analyst will sustain and improve usage of network security tools to support CSIRT's security monitoring and incident response services. CSIRT deploys and support network IDS, proxy-based malware filtering solutions such as IronPort WSA, host intrusion prevention tools such as Splunk log management, device syslog processing, and network traffic inspection tools. CSIRT develops custom integration tools for interfacing with Cisco infrastructure, security tools, and for conducting security investigations.

Work to setup and tune monitoring plays involving multiple security monitoring products and data feeds
Work to develop and tune documented process for incident and alert handling
Work to mentor and train others on the team in how to properly handle incidents as well as escalations
Manage schedule to ensure operational effectiveness & on-time delivery of all work consistent with documented requirements
In addition, this Analyst will be accountable for the following:
• Escalate to CSIRT investigators and external support teams to assist in analysis and event resolution.
• Document cases, procedures, analysis, and investigations accurately and thoroughly (including best-practice documentation).
• Inform higher-level priorities, improvements and problem resolutions to improve effectiveness of Cisco CSIRT & InfoSec.
• Constructively challenge and improve existing tools, processes and procedures.
• Assist CSIRT with continued enhancement of Cisco's security tools.
• Assume additional responsibilities as assigned.

Who You’ll Work with
The Computer Security Incident Response Team (CSIRT) reduces the risk of loss as a result of security incidents for Cisco-owned businesses. CSIRT regularly engages in proactive threat assessment, mitigation planning, incident detection and response, incident trending with analysis, and security architecture.

Who You Are

CSIRT is looking for a college graduate with 4-6 years IT technical experience in one or more of the following fields:

Network administration
System administration (Windows or Unix)
IT security with a focus on computer forensics, incident response, malicious code/exploits, anti-virus, etc.
Web application and script development

The successful candidate should have the following qualifications:

Familiar with Windows exploits, malware and malicious code trends
Demonstrate good customer service, communications, and troubleshooting skills. The candidate must be able and willing to follow process and demonstrate past examples, including case handling
Experience working in a global support environment, experience working under pressure is a plus
Willing to work slightly off-hours including rotational on-call, conduct security event analysis, provide coordination and primary response to security incidents
• Demonstrate interest and knowledge of security trends, especially hacking technologies including trojans, viruses, and worms
• Demonstrate knowledge of TCP/IP and application in securing systems, investigating security incidents
• Demonstrate clear experience with UNIX/Windows operating systems

Graduation degree in IT / Cyber Security or equivalent. Post Graduation is a plus.


GCIH, GCIA, CCNA, RHCE, MCSE, CEH (Security certifications)


Why Cisco
We connect everything: people, processes, data, and things. We innovate everywhere, taking bold risks to shape the technologies that give us smart cities, connected cars, and handheld hospitals. And we do it in style with unique personalities who aren’t afraid to change the way the world works, lives, plays and learns.


We are thought leaders, tech geeks, pop culture aficionados, and we even have a few purple haired rock stars. We celebrate the creativity and diversity that fuels our innovation. We are dreamers and we are doers.


We Are Cisco.

Apply on the Company Site