Leader, Information Security

About ThousandEyes (part of Cisco)

The name ThousandEyes was born from two big ideas: the power to see what’s not ordinarily possible, and the ability to collect intelligence from vantage points as diverse and global as the Internet. As organizations depend on cloud services, the Internet has become their defacto network connecting cloud applications to users. Our Internet and cloud intelligence platform is like a ‘Google maps of the Internet’, providing the only collectively powered view of digital experiences end-to-end. We enable our customers made up of the world’s largest and fastest-growing brands, to identify problems before they impact revenue, brand reputation, or employee productivity.

In August 2020, Cisco Systems completed the acquisition of ThousandEyes, which now forms the ThousandEyes Business Unit within Cisco’s Network Services Business Group, and is a foundational component of Cisco’s growing Observability business.

About the Role

We're looking for a passionate Information Security Leader that can support ThousandEyes information security and privacy compliance initiatives, drive continuous improvement of our control environment and internal processes, and ensure that products and services meet and exceed ongoing industry standards. You will work cross-organizationally within Cisco to ensure the success of the ThousandEyes information security risk management program.

Responsibilities

Manages the development, deployment and execution of controls and defenses to ensure the security and/or privacy of company information, technology and information systems. Analyzes business needs and prioritizes for protection of critical systems and operational policies. Establishes and implements appropriate standards and criteria for infrastructure, software, communications and web firewall, access and encryption requirements. Evaluates potential business impacts from security breaches and provides strategic and tactical guidance to business decision-makers. Selects, develops and evaluates personnel to ensure the efficient operation of the function. Selects, develops, and evaluates personnel to ensure the efficient operation of the function.

• Lead the efforts towards compliance with industry standards, laws and regulations such as ISO 27001, Service Organization Controls, FISMA in the area of data security (confidentiality, integrity, availability) and privacy
• Knowledge of ISO 2700x, FISMA, NIST and CSA CCM frameworks, as well as global data protection and privacy laws
• Solid understanding of technologies and controls including those related to cloud security
• Responsible for internal audits as necessary to align with USPMF (Unified Security and Privacy Management Framework), customer and regulatory requirements
• Mentors teams on the ever evolving security best practices
• Evaluates new information security and privacy requirements and industry trends
• Reviews and recommends improvements to security and privacy controls
• Establishes and reports on key performance indicators related to security and privacy

Requirements

• BS in computer science (or equivalent)
• 8 years of experience in information security or related area
• 5 years of leadership experience with a focus on information security, risk management and policy
• one or more of the professional security certifications (GIAC, SSCP, CISA, CISSP)

Cisco is an Affirmative Action and Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, national origin, genetic information, age, disability, veteran status, or any other legally protected basis. Cisco will consider for employment, on a case by case basis, qualified applicants with arrest and conviction records. 

Compensation Range

186,800 USD - 251,300 USD 

Message to applicants applying to work in the US: 

When available, the salary range posted for this position reflects the projected hiring range for new hire, full-time salaries in U.S. locations, not including equity or benefits. For non-sales roles the hiring ranges reflect base salary only; employees are also eligible to receive annual bonuses. Hiring ranges for sales positions include base and incentive compensation target. Individual pay is determined by the candidate's hiring location and additional factors, including but not limited to skillset, experience, and relevant education, certifications, or training. Applicants may not be eligible for the full salary range based on their U.S. hiring location. The recruiter can share more details about compensation for the role in your location during the hiring process.

U.S. employees have access to quality medical, dental and vision insurance, a 401(k) plan with a Cisco matching contribution, short and long-term disability coverage, basic life insurance and numerous wellbeing offerings. Employees receive up to twelve paid holidays per calendar year, which includes one floating holiday, plus a day off for their birthday. Employees accrue up to 20 days of Paid Time Off (PTO) each year and have access to paid time away to deal with critical or emergency issues without tapping into their PTO. We offer additional paid time to volunteer and give back to the community. Employees are also able to purchase company stock through our Employee Stock Purchase Program.

Employees on sales plans earn performance-based incentive pay on top of their base salary, which is split between quota and non-quota components. For quota-based incentive pay, Cisco pays at the standard rate of 1% of incentive target for each 1% revenue attainment against the quota up to 100%.  Once performance exceeds 100% quota attainment, incentive rates may increase up to five times the standard rate with no cap on incentive compensation. For non-quota-based sales performance elements such as strategic sales objectives, Cisco may pay up to 125% of target. Cisco sales plans do not have a minimum threshold of performance for sales incentive compensation to be paid.

Why Cisco

#WeAreCisco, where each person is unique, but we bring our talents to work as a team and make a difference powering an inclusive future for all.

We embrace digital, and help our customers implement change in their digital businesses. Some may think we’re “old” (36 years strong) and only about hardware, but we’re also a software company. And a security company. We even invented an intuitive network that adapts, predicts, learns and protects. No other company can do what we do –you can’t put us in a box! But “Digital Transformation” is an empty buzz phrase without a culture that allows for innovation, creativity, and yes, even failure (if you learn from it.)

Day to day, we focus on the give and take. We give our best, give our egos a break, and give of ourselves (because giving back is built into our DNA.) We take accountability, bold steps, and take difference to heart. Because without diversity of thought and a dedication to equality for all, there is no moving forward.

So, you have colourful hair? Don’t care. Tattoos? Show off your ink. Like polka dots? That’s cool. Pop culture geek? Many of us are. Passion for technology and world changing? Be you, with us.

We recognize that diverse teams make the strongest teams, and we encourage people from all backgrounds to apply.

Cisco COVID-19 Vaccination Requirements

The health and safety of Cisco's employees, customers, and partners is a top priority. Our goal is to protect and mitigate the spread of COVID-19 infection for strong business resiliency during the pandemic. Therefore, Cisco may require new hires to be fully vaccinated against COVID-19 if the role requires business-related travel, meeting with customers/partners (including visiting third-party sites on behalf of Cisco), attending trade events, and Cisco office entry, unless otherwise prohibited by applicable law, and in countries where COVID-19 vaccination is legally required. The company will consider legally required accommodations/exceptions for medical, religious, and other reasons as per the requirements of the role and in accordance with applicable law. Additional information will be provided to candidates about the requirements and accommodation process at the offer time based on region.