Cloud Technology Compliance Engineer

In today’s dynamic digital environment, security is everyone’s job. At Cisco, the Security and Trust Organization is at the core of making infrastructure more secure. Your involvement in this strategic and results-oriented team will enable you to be part of Cisco’s major objectives – to be the Number 1 Trusted Business partner to our customers. The STO reports to Cisco’s Chief Security and Trust Officer and owns the innovation, training, and implementation of security and trust features and processes across all of Cisco’s products.

The CloudARC group within the STO is responsible for driving all Compliance certifications across Cisco. The team enables and protects global Cloud sales for our Commercial customers, US Government and Federal agencies, as well as many international standards bodies. This team collaborates with Sales and Business Unit partners to ensure that security and trust features are included in new offer releases.

This Cloud Technology Compliance Engineer role supports the implementation of compliance strategies across Cisco Cloud by managing various security certifications such as AICPA SOC2, ISO, PCI, and other Commercial and International Certifications. The ideal candidate will be a compliance subject matter expert, capable of analyzing the details of various control frameworks, understanding Cisco Cloud’s current setup around people, processes, and technology, and conducting Internal Assessments for different frameworks while liaising with External Auditors.

The role involves working with a team of control auditors to provide strategy and support for global certification audits like SOC2, ISO, PCI, HIPAA, IRAP, C5, and others. Activities include performing internal readiness assessments and coordinating with external auditors to achieve required certifications.

Your Impact:

1. Collaborate with compliance engineers on developing and executing common controls and internal readiness assessments.
2. Develop testing strategies for internal assessments of SaaS-based Cloud products.
3. Partner with various Business Units to identify gaps and recommend remediation strategies.
4. Apply expertise in testing People, Process, and Technology Controls.
5. Liaise with external auditors and internal teams to support certification audits.
6. Serve as a subject matter expert on relevant Security Compliance frameworks, providing guidance to teams.

Minimum Qualifications:

1. College Degree – Bachelor’s or Master’s in Information Technology, Computer Science, or related fields.
2. 2-4 years of relevant experience in security or compliance roles.
3. Hands-on experience with AWS and other cloud environments.
4. Experience with security policies, standards, and controls definition.

Desired Qualifications:

1. Deep understanding of risk management methodologies, frameworks, and principles (e.g., AICPA SOC2, FedRAMP, ISO, PCI, HIPAA) for evaluating and recommending risk mitigation strategies.
2. Knowledge of core IT processes/services such as SDLC, Identity/User Access Management, Vulnerability Management, Backup, and Disaster Recovery processes.
3. Big 4 experience is a plus.
4. Excellent communication skills at all organizational levels.
5. Ability to prioritize and multitask in a fast-paced environment.