Engineering Program Manager (Remote)

Cisco
Austin, TX
Hybrid

About The Position

We are looking for a seasoned, detail-oriented security professional to join our Unified Incident Command (UIC) team. UIC ensures a coordinated, clear, and effective response across Cisco Security & Trust (S&TO) incident teams when handling key security incidents. The core purpose of Unified Incident Command is to drive consistency, collaboration, decisiveness, and speed in incident response efforts. Our team is distributed around the globe and delivers strategic oversight and coordination for high-impact security incidents, assurance and control to mitigate unnecessary escalation, informed decision making, and accurate, timely, and unbiased communication.

The Security Incident Manager is a senior role responsible for managing, documenting and communicating with key team members for enterprise-level security incidents. The Security Incident Manager will act as a key liaison among Cisco’s S&TO investigations teams, as well as cross-functional partner teams such as Engineering, Legal, Communications, Product Management, and IT. This individual will drive teams to ensure timely detection, containment, mitigation, and communication regarding threats, vulnerabilities and attacks, while minimizing operational disruptions. This role can be performed anywhere in the United States.

Requirements

  • Bachelor’s degree.
  • 3+ years of experience in security-related work in the Technology/IT industry.
  • Demonstrated experience managing incidents or crisis response, or leading multi-functional teams to deliver large-scale projects.
  • Excellent written and verbal communication abilities in English.
  • Experience engaging with senior-level security executives.

Nice To Haves

  • Exceptional leadership skills, and the ability to make decisions under pressure.
  • An ability to learn and apply new information quickly.
  • Strong critical thinking, analytical, and problem-solving skills.
  • A team-oriented, collaborative mentality, with the ability to coordinate/delegate an occasional 24 x 7 workload across geographic participants.
  • Strong understanding of regulatory requirements and industry certifications and standards (e.g., CSL, DSL, PIPL, GDPR, HIPAA, FedRAMP, ISO, PCI-DSS).
  • Certifications such as GIAC Certified Incident Handler (GCIH), CISSP, CISM, Security+, or Certified Information Systems Auditor (CISA).

Responsibilities

  • Lead and ensure alignment across the working teams responsible for all phases of incident response, including detection, containment, analysis, mitigation, recovery and communication.
  • Drive decision making and implementation of action plans to manage incidents, coordinating efforts across technical and business teams, as well as leaders and trusted subject matter experts.
  • Identify gaps that are delaying decision-making and assign owners or call out to leadership to close such gaps.
  • Ensure alignment to the organization's incident response frameworks, playbooks, and regulatory requirements.
  • Capture/document all facts, decisions, action items, partner team involvement, investigation progress, and core communication in the case management system, and ensure evidence materials are archived.
  • Provide detailed, actionable reports during and after incidents, including root cause analysis and mitigation strategies.
  • Serve as the main point of contact for incident updates to executive leadership and internal team members, and partner with external-facing stakeholders to ensure messaging is clear and consistent.
  • Collaborate with S&TO incident teams (such as CSIRT, PSIRT, DCI), as well as Legal, IT, Engineering, Risk Management, Privacy and other organizations to ensure a unified response.
  • Engage with customer-facing teams, third-party vendors, and customers when necessary.
  • Update and refine UIC documentation and processes to further define, streamline, and improve security incident response efforts, and ensure thoroughness/clarity of case documentation.
  • Develop, maintain, and test incident response plans, playbooks, and escalation procedures.
  • Conduct and support tabletop exercises and simulations to train and prepare teams.
  • Drive post-mortem sessions, capture and share key findings, and clearly assign ownership for long-term fixes / preventative measures identified during the sessions.
  • Support Cisco's effort to ensure compliance with regulations, certification obligations, and organizational policies during incident response.
  • Stay informed about emerging threats and trends in cybersecurity to improve response capabilities.

Benefits

  • medical, dental and vision insurance
  • a 401(k) plan with a Cisco matching contribution
  • paid parental leave
  • short and long-term disability coverage
  • basic life insurance
  • grants of Cisco restricted stock units
  • 10 paid holidays per full calendar year, plus 1 floating holiday for non-exempt employees
  • 1 paid day off for employee’s birthday
  • paid year-end holiday shutdown
  • 4 paid days off for personal wellness determined by Cisco
  • 16 days of paid vacation time per full calendar year, accrued at rate of 4.92 hours per pay period for full-time employees (for non-exempt employees)
  • flexible vacation time off program, which has no defined limit on how much vacation time eligible employees may use (for exempt employees)
  • 80 hours of sick time off provided on hire date and each January 1st thereafter
  • up to 80 hours of unused sick time carried forward from one calendar year to the next
  • additional paid time away may be requested to deal with critical or emergency issues for family members
  • optional 10 paid days per full calendar year to volunteer
  • annual bonuses (for non-sales roles)
  • performance-based incentive pay (for sales plans)