Job Description

Applications are accepted until further notice Head of Detection Engineering At Cisco Meraki, we know that technology can connect us, empower us, and drive us. By simplifying powerful technology we can free hardworking people to focus on their mission. As the fastest-growing cloud-managed networking team in the world, our products and technology architecture are changing the face of enterprise networking and making cloud-managed IT a reality! Our Meraki Security organization provides critical cybersecurity and business protection to Meraki and our customers globally. Our mission is to earn and maintain customer trust by protecting, defending, and improving the security of Meraki products, systems, and services. In order to support a global customer base, the Meraki Detection Engineering Team is a fully remote team with employees in multiple locations and time zones. As a direct report of the Head of Threat Management, you will be responsible for leading Cisco Meraki’s Detection Engineering program. You will be responsible for helping build, maintain, and improve our threat detections and alerting infrastructure. You will also be responsible for ensuring Meraki Security has the right data collection and log visibility in place to discover threats against our infrastructure, data, employees, and customers. We are looking for engineers who are self-starters, curious, and are comfortable operating in environments where there are lots of unknowns. This position will require frequent collaboration with the other Threat Management capabilities, including Threat Response, Insider Threat, and Threat Intelligence. The program you run will have a direct, immediate, and positive impact on our internal security, external customers, and the hundreds of millions of users that use and rely on Meraki access points, switches, security appliances, and cameras every single day. We are passionate about building real products that our customers love. We believe in fostering a positive culture by hiring, mentoring, and empowering thoughtful, conducive, humble people. With the support of management, we constantly look within for ways to improve organizationally. Finally, we maintain a positive relationship with Cisco that gives us the stability and resources of a larger company without sacrificing our startup vibe! Key responsibilities: Oversee the strategic planning, execution, and continuous improvement of the detection engineering program. Develop and report on key performance metrics to track the effectiveness and maturity of the Detection Engineering program. Lead and mentor a team of two contractors ensuring alignment with program goals. Liaison with other Cisco Security teams and business units doing similar Detection and Response work. Ideate, design, develop, test, monitor, and tune high-quality detections to ensure our security analysts can respond effectively to security threats. Write complete and well-documented alerting and detection strategies to provide necessary context and runbooks for security analysts and incident responders. Serve as a subject matter expert for security-relevant logs and data, assisting the Incident Response team during high-priority investigations. Build, maintain, and improve custom detection and alerting solutions, ensuring commercial tools are optimized to meet detection coverage needs. Collaborate with the Threat Intelligence team to build impactful detections that enhance Meraki’s security posture. Work closely with the Insider Threat team to develop and implement strategies for detecting and mitigating insider threats. Support other security program initiatives to improve the Threat Management team’s security visibility. Independently propose logging modifications and improvements to other Engineering and Software Development teams to ensure the necessary detections can be built. You are an ideal candidate if you have: Proven hands-on experience with full-lifecycle detection engineering in support of a security operations team. Knowledge and interest in the use of AI in detection engineering workflows. Experience with defining, collecting, and analyzing various metrics that exhibit the purpose and success of a maturing Detection Engineering program (i.e. MITRE ATT&CK coverage). Experience building and managing high-performing security programs and teams. Experience as a Threat Hunter, Security Operations Analyst, or Incident Responder. Comfortability operating in Splunk or other common SIEM and SOAR solutions. Technical depth in one or more of the following specialties: offensive security, application security, cloud security, digital forensics, malware analysis, threat hunting, incident response or some combination thereof. Familiarity with SQL, relational databases, and data warehousing. Basic Python (or other scripting language) experience in order to automate tasks within our case management and CI/CD environment. Demonstrated knowledge of threat actor techniques, vulnerabilities, and exploits, and how those present themselves within logs and various endpoint/network artifacts. Excellent communication and collaboration skills, with the ability to work with a high degree of autonomy. Relevant industry certifications. Formal software engineering, DevOps, or data science experience from prior jobs, trainings, or academia. Hands-on experience building tools and solutions within a public cloud environment, preferably AWS. Experience with PCI-DSS, FedRAMP, and other compliance frameworks and their associated logging and detection requirements. Cisco is an Affirmative Action and Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, national origin, genetic information, age, disability, veteran status, or any other legally protected basis. Cisco will consider for employment, on a case by case basis, qualified applicants with arrest and conviction records. At Cisco Meraki, we’re challenging the status quo with the power of diversity, inclusion, and collaboration. When we connect different perspectives, we can imagine new possibilities, inspire innovation, and release the full potential of our people. We’re building an employee experience that includes appreciation, belonging, growth, and purpose for everyone. Compensation Range:

$170,500 — $245,300 USD

Message to applicants applying to work in the U.S. and/or Canada: When available, the salary range posted for this position reflects the projected hiring range for new hire, full-time salaries in U.S. and/or Canada locations, not including equity or benefits. For non-sales roles the hiring ranges reflect base salary only; employees are also eligible to receive annual bonuses. Hiring ranges for sales positions include base and incentive compensation target. Individual pay is determined by the candidate's hiring location and additional factors, including but not limited to skillset, experience, and relevant education, certifications, or training. Applicants may not be eligible for the full salary range based on their U.S. or Canada hiring location. The recruiter can share more details about compensation for the role in your location during the hiring process. U.S. employees have access to quality medical, dental and vision insurance, a 401(k) plan with a Cisco matching contribution, short and long-term disability coverage, basic life insurance and numerous wellbeing offerings. Employees receive up to twelve paid holidays per calendar year, which includes one floating holiday (for non-exempt employees), plus a day off for their birthday. Non-Exempt new hires accrue up to 16 days of vacation time off each year, at a rate of 4.92 hours per pay period. Exempt new hires participate in Cisco’s flexible Vacation Time Off policy, which does not place a defined limit on how much vacation time eligible employees may use, but is subject to availability and some business limitations. All new hires are eligible for Sick Time Off subject to Cisco’s Sick Time Off Policy and will have eighty (80) hours of sick time off provided on their hire date and on January 1st of each year thereafter. Up to 80 hours of unused sick time will be carried forward from one calendar year to the next such that the maximum number of sick time hours an employee may have available is 160 hours. Employees in Illinois have a unique time off program designed specifically with local requirements in mind. All employees also have access to paid time away to deal with critical or emergency issues. Employees on sales plans earn performance-based incentive pay on top of their base salary, which is split between quota and non-quota components. For quota-based incentive pay, Cisco typically pays as follows: .75% of incentive target for each 1% of revenue attainment up to 50% of quota; 1.5% of incentive target for each 1% of attainment between 50% and 75%; 1% of incentive target for each 1% of attainment between 75% and 100%; and once performance exceeds 100% attainment, incentive rates are at or above 1% for each 1% of attainment with no cap on incentive compensation. For non-quota-based sales performance elements such as strategic sales objectives, Cisco may pay up to 125% of target. Cisco sales plans do not have a minimum threshold of performance for sales incentive compensation to be paid. Apply for this job #J-18808-Ljbffr Meraki, LLC

Job Tags

Holiday work, Full time, Temporary work, For contractors, Local area, Immediate start, Remote job, Flexible hours,

Similar Jobs