Webex Federal Security and Compliance Technical Architect

The application window is expected to close on 10 / 21 / 24.

Who We Are

The Webex Cloud and Infrastructure Platform Engineering group runs / develops the platform for various Webex collaboration services and shapes the future of work.

We have 3 US Federal cloud service offers authorized under FedRAMP, with continued expansion and evolution of services. The Webex Government Security & Compliance (WxGSC) team is responsible for leading projects and programs related to ongoing authorization compliance (continuous monitoring, documentation, annual audits, sponsor engagement, authorization body engagement, significant changes, etc.

and initial service authorization. We are committed to centralizing, standardizing, and evolving compliance management across our multiple services.

Who You Are

We're seeking a skilled expert security and compliance architect who can bring broad and in-depth experience, dedication, strong leadership, and a collaborative approach while growing in a dynamic multi-functional organization on highly complex technical programs.

What You'll Do

Working within the WxGSC team, you'll be part of a dedicated team responsible for running FedRAMP programs and projects related to continuous authorization compliance, expansion of service and capabilities, and larger, sophisticated, multi-functional US Federal offer-related programs and projects.

You will prime compliance activities for one of our FedRAMP offers, assessing technical and process implementation for security and compliance, identifying compliant solution options, assessing changes for compliance impacts, assessing deviation requirements, advising the large multi-functional team on compliance requirements, and ensuring alignment of compliance documentation and external work product.

This is a highly multi-functional role involving engagement with various teams across the larger Collaboration organization, including architects, security compliance, development and engineering, operations, product management, support, and other project managers, as well as other internal Cisco corporate functional organizations and 3rd party vendors / service providers / auditors.

You may also work with external US Federal agencies.

Additional Responsibilities

• FedRAMP Support : Assist in achieving and maintaining FedRAMP authorization for the organization's cloud services, including preparing necessary documentation and supporting audit processes.
• Security Architecture : Design and support the implementation of secure cloud architectures that meet federal compliance and security standards.
• Risk Management : Support the identification, assessment, and mitigation of security risks within cloud environments by assisting in the implementation of appropriate security controls.
• Compliance Assurance : Ensure the cloud environment meets federal laws, standards, and guidelines, such as NIST 800-53, FIPS 199, and FISMA.
• Documentation : Assist in developing and maintaining security documentation, including System Security Plans (SSP), security policies, and procedures required for FedRAMP.
• Collaboration : Work closely with internal teams (engineering, legal, compliance) and external partners (3PAO, government agencies) to ensure alignment with compliance and security objectives.
• Continuous Monitoring : Support the establishment and maintenance of ongoing monitoring processes to ensure ongoing compliance with FedRAMP requirements.
• Security Assessments : Participate in regular security assessments, vulnerability scans, and penetration tests, and help in the remediation of identified vulnerabilities.
• Incident Response : Assist in the development and implementation of incident response plans, ensuring the readiness of the organization to handle security incidents.
• Training : Provide support and training to team members on security standard methodologies, FedRAMP requirements, and cloud security principles.

Basic Qualifications

• 12+ years of relevant professional experience with at least 5 years of Cyber-Security experience
• Prior FedRAMP ATO experience and NIST 800-53, FedRAMP or DoD compliance experience
• Solid understanding of data centers and cloud computing platforms (e.g., AWS, Azure, Google Cloud) and their security features, including security tools and technologies (e.

g., SIEM, IDS / IPS, vulnerability scanners)

• Knowledge of risk management frameworks and continuous monitoring processes
• Bachelors or higher degree in a related technical field or equivalent experience in software engineering

The successful applicant will be performing work in a FedRAMP environment, and therefore, must be a U.S. Person (i.e., U.

S. citizen, U.S. national, lawful permanent resident, asylee, or refugee). This position may also perform work that the U.

S. government has specified can only be performed by a U.S. citizen on U.S. soil.

Preferred Qualifications

• Exceptional organizational, communication, interpersonal, and relationship-building skills conducive to collaboration
• Dynamic, flexible, and able to thrive in a fast-paced, multi-functional, matrix management environment
• Superb communication skills with an effective ability to articulate messages to various audiences
• Prior experience working in a federal contracting environment or with government agencies
• Experience supporting or performing security audits and collaborating with 3PAO (Third-Party Assessment Organizations)
• Cloud Hosted services and operations experience
• Cloud Security Operations experience
• Cisco Contact Center Enterprise experience
• Familiarity with DevSecOps practices and integrating security into CI / CD pipelines
• Knowledge of additional compliance frameworks such as HIPAA, SOC 2, or ISO 27001

Why Cisco?

WeAreCisco. We are all unique, but collectively we bring our talents to work as a team, to develop innovative technology and power a more inclusive, digital future for everyone.

How do we do it? Well, for starters - with people like you!

Nearly every internet connection around the world touches Cisco. We're the Internet's optimists. Our technology makes sure the data traveling at light speed across connections does so securely, yet it's not what we make but what we make happen which marks us out.

We're helping those who work in the health service to connect with patients and each other; schools, colleges, and universities to guide in even the most exciting of times.

We're helping businesses of all shapes and sizes to connect with their employees and customers in new ways, providing people with access to the digital skills they need and connecting the most remote parts of the world - whether through 5G, or otherwise.

We take on whatever challenges come our way. We have each other's backs, we recognize our accomplishments, and we grow together.

We celebrate and support one another - from big and small things in life to big career moments. And giving back is at our core (we get 10 days off each year to do just that).

We know that powering an inclusive future starts with us. Because without diversity and a dedication to equality, there is no moving forward.

Our 30 Inclusive Communities, which bring people together around commonalities or passions, are leading the way. Together we're committed to learning, listening, and caring for our communities, whilst supporting the most vulnerable with a collective effort to make this world a better place either with technology or through our actions.

So, you have colorful hair? Don't care. Tattoos? Show off your ink. Like polka dots? That's cool. Pop culture geek? Many of us are.

Passion for technology and world-changing? Be you, with us! #WeAreCisco

CollabFY25