Value Chain Security Engineer - Durham, United States - Cisco

Description

Who We Are

Ciscos Trust Transformation Office (TTO) plays a leading role in understanding customer needs for security, privacy, data protection, and customer data management. TTO advises, supports and collaborates with customers, Cisco Sales, Engineering, Government Affairs and Legal to build industry leading trust and visibility. On this team you will help shape the strategic direction of networks, security, collaboration, and applications. Together, we will help to build a better and more secure internet and help to define the future of trust. Within TTO, you will be part of the Value Chain Security Team which governs the Value Chain Security Architecture (VCSA) across Ciscos Supply Chain.

Value Chain Security (VCS) Teams mission is to govern the embedding of pervasive and layered security and privacy at every lifecycle stage (Design, Plan, Source, Make, Quality, Delivery, Sustain, End of Life) of Ciscos products and offers (hardware, software, SaaS, applications) to protect our customers. VCSA applies industry standards to build and implement controls that ensure Ciscos products and offers meet market needs and establish Cisco as an industry leader in all aspects of supply chain security.

VCSA mitigates security threats to our products, offers and third-party ecosystem: specifically, threats of manipulation, espionage, and disruption by delivering unified risk management and practical insights that protects and positions Cisco as the most trusted brand.

What You Will Do

Drive anti-counterfeit technology validation during product development processes.

Lead data protection efforts for manufacturing and product data as it flows into third party ecosystems.

Ensure security controls are deployed into product development to include granular access control, threat modeling, encryption, and data flow visibility.

Drive chain of custody integrity efforts from engineering to manufacturing.

Lead implementation of tools and processes to ensure data flow is integrity through product development lifecycle.

Identify and assess potential risks and vulnerabilities within the product development lifecycle.

Standard processes, documentation, and drive overall consistency.

Develop strategies and solutions to mitigate potential security threats.

Keep up to date with the latest product security technologies and trends.

Work closely with product development teams to integrate security measures into product designs.

Participate in the creation and enforcement of hardware security policies and procedures.

Whos on Your Team

"It starts with Trust" There has never been a better time to be a member of the Security & Trust Organization (S&TO) at Cisco. The company, customer and shareholders are increasingly aware of the role security, trust, data protection and privacy play in achieving impactful business objectives. Security is not only imperative to mitigating cyber risk, but also a key pillar of Ciscos differentiation in the market. Trust is an accelerator for our customers that allows innovation and success to happen at the speed the market demands.

Within S&TO, the Cisco Trust Office plays a leading role in understanding customer needs for security, privacy, data protection, and customer data management, informing, supporting, and collaborating with customers, Cisco Sales, Engineering, Government Affairs and Legal to build industry leading Trust and clarity.

Who You Are

You have energy and passion for cyber security and supply chain understanding and using analytic methodology and rigor, and critical thinking are not only your strengths but a part of your normal process in approaching a topic or problem. You grasp the details of business and technology and can sit down with senior technical leaders and guide the discussion to capture, curate and frame their insights into compelling analysis. Beyond that, you want to roll up your sleeves in world-class cyber security organization and engage, shape and influence the direction of Cisco.

Minimum Qualifications:

Bachelor's degree in Computer Science, Electrical Engineering, or a related field.

3-5 years experience with hardware security / trustworthy technology mechanisms such as Trusted Platform Modules (TPM), secure boot, and hardware roots of trust.

Understanding of cryptographic principles and secure communication protocols.

Knowledge of security standards and frameworks relevant to hardware security.

Proven experience in hardware design and analysis

Familiarity with common hardware vulnerabilities and attack vectors, including side-channel attacks, fault injection, and reverse engineering.

Solid grasp of hardware security technologies, standard methodologies, and techniques.

Excellent problem-solving skills and the ability to work under pressure.

Strong written and verbal communication skills.

Preferred Qualifications:

A Master's degree or relevant professional certification will be an added advantage.

Experience with hardware design tools and software such as CAD tools for PCB design, FPGA programming tools, or simulation tools.

A deep understanding of the hardware lifecycle, from design to deployment and decommissioning.

Experience with embedded systems and microcontrollers.

Familiarity with compliance and regulatory requirements that impact hardware security, such as FIPS, Common Criteria, or specific industry standards.

Why Cisco?

#WeAreCisco. We are all unique, but collectively we bring our talents to work as a team, to develop innovative technology and power a more inclusive, digital future for everyone. How do we do it? Well, for starters - with people like you

Nearly every internet connection around the world touches Cisco. Were the Internets optimists. Our technology makes sure the data traveling at light speed across connections does so securely, yet its not what we make but what we make happen which marks us out. Were helping those who work in the health service to connect with patients and each other; schools, colleges, and universities to teach in even the most challenging of times. Were helping businesses of all shapes and sizes to connect with their employees and customers in new ways, providing people with access to the digital skills they need and connecting the most remote parts of the world - whether through 5G, or otherwise.

We tackle whatever challenges come our way. We have each others backs, we recognize our accomplishments, and we grow together. We celebrate and support one another - from big and small things in life to big career moments. And giving back is in our DNA (we get 10 days off each year to do just that).

We know that powering an inclusive future starts with us. Because without diversity and a dedication to equality, there is no moving forward. Our 30 Inclusive Communities, that bring people together around commonalities or passions, are leading the way. Together were committed to learning, listening, caring for our communities, whilst supporting the most vulnerable with a collective effort to make this world a better place either with technology, or through our actions.

So, you have colorful hair? Dont care. Tattoos? Show off your ink. Like polka dots? Thats cool. Pop culture geek? Many of us are. Passion for technology and world changing? Be you, with us #WeAreCisco

#STO24

Cisco is an Affirmative Action and Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, national origin, genetic information, age, disability, veteran status, or any other legally protected basis.

Cisco will consider for employment, on a case by case basis, qualified applicants with arrest and conviction records.