Cisco Security Detection and Response Engineer in San Francisco, California

Security Detection and Response Engineer

  • Location: San Francisco, California, US

  • Area of Interest Engineer - Software

  • Job Type Professional

  • Technology Interest *None

  • Job Id 1250861

In order to be considered for this role, you MUST apply only on:

Security Detection and Response Engineer (DnR)

San Francisco

As a member of the Security Detection and Response team, you will have a substantial impact on the security of millions of Meraki users all around the world. We are looking for people who are excited to learn about detection infrastructure and incident response, with some experience in security engineering or a related technical discipline.

At Meraki, you will have the opportunity to be a part of a tight-knit engineering organization working with smart, helpful engineers, particularly within our site reliability and security teams. You will have help build and maintain the tools that we use to monitor and audit our system. You will aid in investigations and learn how to coordinate the response to security incidents. You will learn how to quickly analyze data from the entire stack, from the UI and backend all the way through to the device firmware. You will support other security teams in driving business-friendly security and process improvements. By developing our capabilities to promptly detect and respond to threats, you and your teammates will have a direct, immediate, and positive impact on our customers and the hundreds of millions of users that use and rely on Meraki access points, switches, security appliances, and cameras every single day.

We are passionate about building real products that our customers love. We believe in fostering a positive culture by hiring, coaching, and empowering smart, helpful, humble people. With the support of management, we constantly look within for ways to improve organizationally. Finally, we maintain a positive relationship with Cisco that gives us the stability and resources of a larger company without sacrificing our startup vibe—including an awesome office overlooking the Bay Bridge, stocked full of food and drinks.

Key responsibilities:

  • Support senior detection and response team members as a responder and investigator on high-severity security incidents

  • Assist with building our detection stack, including:Security Incident and Event Monitoring (SIEM),File Integrity Monitoring (FIM),Vulnerability Scanners,Network and Host Intrusion Detection (IDS)

  • Learn how to leverage and extend existing monitoring and tooling to ensure we quickly detect anomalous behavior in our infrastructure

  • Help augment our infrastructure with audit trails to ensure that we can understand the impact of security incidents

  • Work with other engineers to proactively add monitoring to new features and services

You are an ideal candidate if you:

  • Have 1+ years of experience in web, database, information and/or infrastructure security, or a comparable amount of development/networking experience and a security hobby

  • Have a calm methodical approach to investigating potential threats under pressure

  • Have some scripting or security tools development knowledge

  • Love learning about the latest security tools, infrastructure, and industry best practices

  • Familiarity with search/analytics platforms such as ELK, SQL, Splunk

  • Enjoy working across and being a resource for other engineers

  • Are excited to champion security as a first-class concern

Bonus points for:

  • Experience with incident response

  • Experience working with detection tools, for example: Nessus, Qualys, OSSEC, Osquery, Suricata, Threatstack, AWS Guard Duty

  • Know and recognize common vulnerability types, including SQL/command injection, XSS, CSRF, and SSRF

  • Experience with IoT platforms, large-scale distributed systems, and/or client-server architectures

Cisco is an Affirmative Action and Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, national origin, genetic information, age, disability, veteran status, or any other legally protected basis. Cisco will consider for employment, on a case by case basis, qualified applicants with arrest and conviction records.

In order to be considered for this role, you MUST apply only on:

Cisco is an Affirmative Action and Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, national origin, genetic information, age, disability, veteran status, or any other legally protected basis.