• Attack Surface Management Security Architect…

    Cisco (Washington, DC)


    The application window is expected to close on: November 21, 2025.

     

    Job posting may be removed earlier if the position is filled or if a sufficient number of applications are received.

     

    Remote USA

     

    The successful applicant may be performing work on FedRamp environments and partnering with researchers and threat intel teams that require they be a U.S. Person (i.e. U.S. citizen, U.S. national, lawful permanent resident, asylee, or refugee). This position may also perform work that the U.S. government has specified can only be performed by a U.S. Citizen on U.S. soil.

     

    Meet the Team

     

    The Cisco Attack Surface Management (ASM) Team is a highly skilled and dynamic group focused on detecting and remediating Cisco’s operational security risks inclusive of IT services, acquisitions, and BU operated infrastructure and services, initially concentrating on identifying and reducing risks associated with Cisco’s external perimeter.

     

    The ASM service unifies tooling sources of truth, mis-configurations, and vulnerability data collected to enable executive accountability and track the prioritized remediation of all exploitable weaknesses within target operational level agreements. The team is at the forefront of cybersecurity, employing ground breaking technologies and methodologies to detect, analyze, and proactively address attack surface threats.

     

    Your Impact

     

    We are seeking an enthusiastic and motivated Security Architect to support the implementation, client-facing delivery, and continuous improvement of our attack surface management service. This role will contribute to the proactive, sustainable, and measurable reduction of operational risk at Cisco, addressing foundational improvements and security root cause resolution.

     

    Multi-Functional Collaboration: Team members work closely with experts across various domains, including investigations, analysis, vulnerability management, security architecture, threat intelligence, cyber legal, data protection, and compliance, providing opportunities to learn and grow while addressing sophisticated challenges.

    Key Responsibilities

    + Be a trusted security architect across every business unit for exposure detection and remediation

    + Lead multiple client engagements using a campaign-based, risk remediation approach as part of a bi-directional partnership with active Business Unit/Business Entity contacts to serve last mile capabilities at scale

    + Lead exposure management campaigns across the organization using tools and platforms like Axonius, BishopFox, Tenable, Wiz, and a variety of authoritative tools to provide insight for rapid remediation.

    + Design and implement security campaigns advised by vulnerability discovery, mis-configurations, and attack surface analysis using automated and manual techniques.

    + Identify gaps in tooling and visibility of operational assets and assist the clients and ASM Platform team in discovery of unknowns and enabling new data feeds.

    + Lead collaboration with key partners within the Security & Trust Organization including security operations, incident response, risk management, and offensive security teams to drive risk reduction.

    + Know the latest with emerging threats, attack techniques, and ASM technologies to continuously enhance the ASM program.

    + Provide guidance and training to security teams on security protocols and tools.

    + Foster long-term relationships with key client partners, understanding their critical business needs and helping them to proactively identify and address operational security risk.

    + Leverage your superb communication skills to articulate sophisticated security concepts to technical and non-technical partners.

    Minimum Qualifications

    + Bachelor’s degree in Cybersecurity, Intelligence, or related field.

    + 7+ years of experience in threat intelligence, cybersecurity, or security operations.

    + Expertise in vulnerability management, threat modeling, and security risk assessment.

    + Solid knowledge of network, endpoint, server, and application security fundamentals.

    Preferred Qualifications

    + Ability to read/understand exploit code, development skills, and think like an attacker.

    + Certified Threat Intelligence Analyst (CTIA) or GIAC Cyber Threat Intelligence (GCTI).

    + Solid experience in integrating threat intelligence into security operations, including experience with API integrations, automated scanning, and security analytics.

    + Ability to work collaboratively in cross-functional teams and lead security initiatives.

    STO25

    Why Cisco?

     

    At Cisco, we’re revolutionizing how data and infrastructure connect and protect organizations in the AI era – and beyond. We’ve been innovating fearlessly for 40 years to create solutions that power how humans and technology work together across the physical and digital worlds. These solutions provide customers with unparalleled security, visibility, and insights across the entire digital footprint.

     

    Fueled by the depth and breadth of our technology, we experiment and create meaningful solutions. Add to that our worldwide network of doers and experts, and you’ll see that the opportunities to grow and build are limitless. We work as a team, collaborating with empathy to make really big things happen on a global scale. Because our solutions are everywhere, our impact is everywhere.

     

    We are Cisco, and our power starts with you.

     

    Message to applicants applying to work in the U.S. and/or Canada:

     

    The starting salary range posted for this position is $148,000.00 to $187,800.00 and reflects the projected salary range for new hires in this position in U.S. and/or Canada locations, not including incentive compensation*, equity, or benefits.

     

    Individual pay is determined by the candidate's hiring location, market conditions, job-related skillset, experience, qualifications, education, certifications, and/or training. The full salary range for certain locations is listed below. For locations not listed below, the recruiter can share more details about compensation for the role in your location during the hiring process.

     
     
     

    + 10 paid holidays per full calendar year, plus 1 floating holiday for non-exempt employees

    + 1 paid day off for employee’s birthday, paid year-end holiday shutdown, and 4 paid days off for personal wellness determined by Cisco

    + Non-exempt employees** receive 16 days of paid vacation time per full calendar year, accrued at rate of 4.92 hours per pay period for full-time employees

    + Exempt employees participate in Cisco’s flexible vacation time off program, which has no defined limit on how much vacation time eligible employees may use (subject to availability and some business limitations)

    + 80 hours of sick time off provided on hire date and each January 1st thereafter, and up to 80 hours of unused sick time carried forward from one calendar year to the next

    + Additional paid time away may be requested to deal with critical or emergency issues for family members

    + Optional 10 paid days per full calendar year to volunteer

     

    For non-sales roles, employees are also eligible to earn annual bonuses subject to Cisco’s policies.

     

    Employees on sales plans earn performance-based incentive pay on top of their base salary, which is split between quota and non-quota components, subject to the applicable Cisco plan. For quota-based incentive pay, Cisco typically pays as follows:

     

    + .75% of incentive target for each 1% of revenue attainment up to 50% of quota;

    + 1.5% of incentive target for each 1% of attainment between 50% and 75%;

    + 1% of incentive target for each 1% of attainment between 75% and 100%; and

    + Once performance exceeds 100% attainment, incentive rates are at or above 1% for each 1% of attainment with no cap on incentive compensation.

     

    For non-quota-based sales performance elements such as strategic sales objectives, Cisco may pay 0% up to 125% of target. Cisco sales plans do not have a minimum threshold of performance for sales incentive compensation to be paid.

    The applicable full salary ranges for this position, by specific state, are listed below:

    New York City Metro Area:

    $177,400.00 - $259,600.00

    Non-Metro New York state & Washington state:

    $158,100.00 - $230,400.00

     

    * For quota-based sales roles on Cisco’s sales plan, the ranges provided in this posting include base pay and sales target incentive compensation combined.

    ** Employees in Illinois, whether exempt or non-exempt, will participate in a unique time off program to meet local requirements.

     

    Cisco is an Affirmative Action and Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, national origin, genetic information, age, disability, veteran status, or any other legally protected basis.

     

    Cisco will consider for employment, on a case by case basis, qualified applicants with arrest and conviction records.