About The Position
The Global Executive Protection (GEXP) team primarily supports the security of the CEO and Executive Leadership Team at Cisco. We are Executive Protection professionals that work on the premise of making the unknown known, to ensure to the best of our abilities, the successful completion of each detail and protective coverage of the CEO/ELT. GEXP is part of the Security and Trust Organization. The Global Security & Executive Protection (GS&EP) team is seeking a technical Threat Hunting Investigator to identify, investigate, and mitigate risks largely posed by internal actors - whether malicious, negligent, or compromised. This role provides direct support to conduct research and investigations into threats and incidents related to ELT/CEO, the digital protection of our ELT, and protection of critical intellectual property. You will combat Critical IP Theft, and focus on digital protection efforts including research and investigation on Threats directed towards Cisco’s Executive Leadership Team (ELT). This role requires deep technical expertise, strong investigative judgment, and discretion. You will proactively hunt for Insider Threats, evaluate threats directed at ELT, analyze complex datasets across multiple systems, and partner closely with security, Legal, HR, and compliance partners throughout the Security & Trust Organization to drive risk-based outcomes. In this role, you will be working in an agile, fast-paced, and collaborative environment to:
Requirements
- Bachelor's Degree in Computer Science, Information Systems, or a related field
- 8-10 years of experience identifying and prioritizing sensitive information, evaluating threats, and implementing countermeasures
- 8-10 years conducting digital threat investigations related to insider threats
- 8-10 years conducting data triage and forensic analysis of endpoint devices
- Deep technical expertise, strong investigative judgment, and discretion.
Nice To Haves
- Firm understanding of Cisco products and technologies, to include expert-level proficiency in Splunk and specific experience with Code42 and/or Microsoft Defender
- 2+ years of experience in Counterintelligence (CI) or within a US Federal Government organization
- Understanding of C/C++, Python, Verilog, and other source code languages
- Strong written and verbal communication skills, with the ability to explain technical findings to non-technical stakeholders
Responsibilities
- Identify and focus on threat research and insider risk
- Conduct threat hunting using logs, telemetry, and behavioral indicators across endpoints
- Produce clear, defensible investigative reports
- Support ELT incident response and mitigate critical IP theft
- Draft and document internal solutions responsive to emerging insider risks
- Conduct and document hands-on technical research on potential digital threats
Benefits
- U.S. employees are offered benefits, subject to Cisco’s plan eligibility rules, which include medical, dental and vision insurance, a 401(k) plan with a Cisco matching contribution, paid parental leave, short and long-term disability coverage, and basic life insurance.
- Employees may be eligible to receive grants of Cisco restricted stock units, which vest following continued employment with Cisco for defined periods of time.
- 10 paid holidays per full calendar year, plus 1 floating holiday for non-exempt employees
- 1 paid day off for employee’s birthday, paid year-end holiday shutdown, and 4 paid days off for personal wellness determined by Cisco
- Non-exempt employees receive 16 days of paid vacation time per full calendar year, accrued at rate of 4.92 hours per pay period for full-time employees
- Exempt employees participate in Cisco’s flexible vacation time off program, which has no defined limit on how much vacation time eligible employees may use (subject to availability and some business limitations)
- 80 hours of sick time off provided on hire date and each January 1st thereafter, and up to 80 hours of unused sick time carried forward from one calendar year to the next
- Additional paid time away may be requested to deal with critical or emergency issues for family members
- Optional 10 paid days per full calendar year to volunteer
- For non-sales roles, employees are also eligible to earn annual bonuses subject to Cisco’s policies.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Number of Employees
5,001-10,000 employees
