Security Engineer, FedRAMP ISSO

Published on 02/27/2024Cisco - Washington, DC


The successful applicant will be performing work in FedRAMP High or IL-5 environments, and therefore, must be a U.S. Person (i.e. U.S. citizen, U.S. national, lawful permanent resident, asylees, or refugee). This position may also perform work that the U.S. government has specified can only be performed by a U.S. citizen on U.S. soil.

Who We Are:

In today's dynamic digital environment, security is everyone's job. At Cisco, the Security and Trust Organization is at the core of making infrastructure more secure. Your involvement in this strategic and results-oriented team will enable you to be part of one of Cisco's major objectives - to be the Number 1 Trusted Business partner to our customers.

The Global Cloud Compliance (GCC) group reports to Cisco's Chief Security and Trust Officer and owns the innovation, training, and implementation of security and trust features and processes across all of Cisco's products. GCC is responsible to drive compliance certifications across Cisco. This team is responsible for enabling and protecting cloud sales for our Commercial, US Government/Public Sector customers as well as many international standards bodies.

This team works with Sales and Business Unit partners to ensure the accurate security and trust features and functionality are included in new offer releases.

As a Security Engineer - FedRAMP ISSO within the GCC group your primary role requires an in depth understanding of various security certification frameworks including FedRAMP, DoD Cloud SRG, NIST, FISMA and other. This Security Engineer FedRAMP ISSO reports into the GCC leadership and is primarily responsible for work needed to obtain and maintain FedRAMP Authorizations for our cloud service offers.

What You'll Do:

  • Partner with Cisco SaaS teams pursuing new or maintaining FedRAMP, DOD Cloud ILs, and other US public sector cloud authorizations (StateRAMP, Tx-RAMP), and/or SaaS teams with offers currently holding FedRAMP and other US public sector authorizations to maintain those authorizations.

  • Participate in the development, review, and submission of cloud security authorization packages to authorizing officials/bodies.

  • Play an active role in designing and maintaining system documentation such as system security plans, system artifacts, policies, and procedures, plans of action and milestones.

  • Maintain, update, and implement information system continuous monitoring plans.

  • Support audit related activities, participates in information system security inspections, tests, and reviews, collection of evidence.

  • Assist and evaluate security system impacts with all Change Requests

Who You Are:

You have a passion for and deep hands-on experience in cloud security and bringing secure SaaS offers to the US Public Sector. You will support teams taking cloud service offers though their FedRAMP Journeys. You thrive in an agile and fast paced environment working with a sophisticated set of stakeholders to achieve program goals. You focus on delivering results with excellence. You can convey the most sophisticated concepts in the simplest of terms and see project though to a successful conclusion. Be intellectually curious and passionate about learning new technologies, compliance, security and standards in support of the team.

Minimum Qualifications:

  • Bachelors + 5 years of proven experience in cybersecurity experience or information security or cloud security experience, with preferred 2+ years of previous ISSO experience or information system security analyst on government systems

  • Experience with acquiring and maintaining FedRAMP and or DoD cloud authorizations for cloud service offers

  • Experience with cloud computing technologies

Preferred Qualifications:

  • Knowledge of FedRAMP, FISMA, NIST standards, RMF, DoD Cloud SRG, and Federal cybersecurity requirements.

  • CISSP or COMPTIA Security+ certification.

  • Ability to maintain sensitive and confidential information as required by government standards.

  • Excellent written, verbal, and interpersonal communication skills.

  • Ability to interact appropriately with the public when vital.

Why Cisco?

WeAreCisco. We are all unique, but collectively we bring our talents to work as a team, to develop innovative technology and power a more inclusive, digital future for everyone. How do we do it? Well, for starters - with people like you!

Nearly every internet connection around the world touches Cisco. We’re the Internet’s optimists. Our technology makes sure the data traveling at light speed across connections does so securely, yet it’s not what we make but what we make happen which marks us out. We’re helping those who work in the health service to connect with patients and each other; schools, colleges, and universities to teach in even the most challenging of times. We’re helping businesses of all shapes and sizes to connect with their employees and customers in new ways, providing people with access to the digital skills they need and connecting the most remote parts of the world - whether through 5G, or otherwise.

We tackle whatever challenges come our way. We have each other’s backs, we recognize our accomplishments, and we grow together. We celebrate and support one another - from big and small things in life to big career moments. And giving back is in our DNA (we get 10 days off each year to do just that).

We know that powering an inclusive future starts with us. Because without diversity and a dedication to equality, there is no moving forward. Our 30 Inclusive Communities, that bring people together around commonalities or passions, are leading the way. Together we’re committed to learning, listening, caring for our communities, whilst supporting the most vulnerable with a collective effort to make this world a better place either with technology, or through our actions.

So, you have colorful hair? Don’t care. Tattoos? Show off your ink. Like polka dots? That’s cool. Pop culture geek? Many of us are. Passion for technology and world changing? Be you, with us! #WeAreCisco


Cisco is an Affirmative Action and Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, national origin, genetic information, age, disability, veteran status, or any other legally protected basis.

Cisco will consider for employment, on a case by case basis, qualified applicants with arrest and conviction records.

Please Register or Login to apply for this job.