Product Security Engineer
Location:South Netanya, Hamerkaz, Israel
Area of InterestEngineer - Software
What You'll Do
You will join the Security Technology Group as Product Security Tester/Facilitator to promote security awareness, encourage a defensive mindset, influence security processes, priorities, provide expert security guidance and will play a major role in the product security assessment, analysis and Security compliances verification of our solutions - Intrusion Prevention System (IPS) and Next Generation Fire Wall (NGFW).
Who You'll Work With
The Network Threat Defense organization, within Cisco Security Technology Group, consists of security experts developing security products that aim to block more threats and quickly mitigate those that do breach our customers defenses with the industry’s first threat-focused NGFW..
You will work with fellow security experts who design our next generation solutions and protect our customers network on a daily basis. Advanced and Complex solutions , such as ours, require best of breed security- in every layer, End-to-End. Staying ahead of the threat requires continuous and rigorous innovation - continuous testing for continuous improvement….and that's where you come in!
Who You Are
Cisco is seeking a self-motivated and dynamic individual engaging with delivery teams to promote security awareness, encourage a defensive mindset, influence their processes, priorities and provide expert security guidance.
- Work in an agile development environment and partner with engineering and delivery teams to ensure that new product feature development adheres to security best practices.
- Conduct regular security testing of both software and processes according to Cisco Security Development Lifecycle
- Conduct penetration testing or interact with penetration testers and other external vendors to validate that security controls work as expected
- Review threat models and ensure they are aligned to Cisco Product Security Requirements and best practices
- Coordinate remediation of any application security weaknesses uncovered.
- Evaluate and promote the use of automation tools to assist in detecting product security issues.
- Track and review the team readiness for security compliances like Government Certifications.
- Promote security training and awareness in the organization.
- Focus on keeping personal skills current.
- Full understanding of web stack, web security and common vulnerabilities.
- Development skills to facilitate tools development.
- Domain expert in security with respect to web development and enterprise app development.
- Good understanding of cloud technologies – Advantage
- Familiarity with government computer security standard like Federal Information Processing Standard (FIPS) or Common Criteria – Advantage
- Enthusiasm for hunting for potential weaknesses
- Basic penetration testing skills.
- Experience with automation tools and deployments.
- Excellent verbal and written communication skills.
- Leadership qualities including the ability to work effectively with cross-functional teams and be able to consider diverse opinions.
- A working knowledge of Agile Development methodology.
- BS or MS degree in Computer Science or Engineering OR equivalent years of relevant work experience.
We connect everything: people, processes, data, and things. We innovate everywhere, taking bold risks to shape the technologies that give us smart cities, connected cars, and handheld hospitals. And we do it in style with unique personalities who aren't afraid to change the way the world works, lives, plays and learns.
We are thought leaders, tech geeks, pop culture aficionados, and we even have a few purple haired rock stars. We celebrate the creativity and diversity that fuels our innovation. We are dreamers and we are doers.
We Are Cisco.