Compliance Information Security Engineer

Job posting may be removed earlier if the position is filled or if a sufficient number of applications are received.

The application window is expected to close on 01/30/2026.

Job posting may be removed earlier if the position is filled or if a sufficient number of applications are received.

Meet the Team

In today's constantly evolving digital landscape, security is a shared responsibility. At Cisco, the Security and Trust Organization (STO) is central to building a secure infrastructure and fostering customer trust. As a key enabler of Cisco's mission to be the #1 Trusted Business Partner, STO leads the innovation, training, and implementation of security and trust capabilities across all Cisco products. Reporting to Cisco's Chief Security and Trust Officer, STO is foundational in embedding security into every aspect of Cisco's operations.

Your Impact

The Cloud Assurance, Readiness & Compliance (CloudARC) team within STO is responsible for ensuring Cisco's cloud offering portfolio demonstrates the highest levels of security assurance to our global customers while maintaining cybersecurity compliance and certifications required to access markets around the world. Our team plays a leading role in understanding customer needs for security, privacy, data protection, and customer data management. We inform, support, and collaborate with customers, Sales, Engineering, Supply Chain, Government Affairs and Legal; building industry leading trust and transparency through security and compliance.

Role Description

The Compliance Information Security Engineer will play a meaningful role in attaining and maintaining compliance certifications for Cisco cloud offerings across the globe, and supporting compliance and regulatory frameworks such as SOC2, ISO27001/17/18, ENS, C5, etc. This role will be responsible for facilitating compliance readiness,control assessments and external audits in collaboration with CloudARC leadership, Product Management, and Engineering. In addition, the candidate willprovide compliancereadiness support, andsupport local initiatives related to data privacy, security, and cloud compliance.

The ideal candidate is enthused by the idea of compliance as a business enabler, has hands-on experience with multiple compliance and regulatory frameworks (e.g. SOC2, ISO27001/17/18, CSA STAR. Spain ENS, Germany C5, Japan ISMAP, Australia IRAP etc.) and has proven experience assessing sophisticated product ecosystems against cloud control frameworks. This role is ideal for the strategic problem solver who is passionate about building scalable compliance capabilities, can clearly communicate technical requirements to stakeholders across the business ecosystem, and is driven by the opportunity to be on the forefront of customer trust.

Key Responsibilities

• Support security compliance and regulatory audits in Cisco's cloud compliance portfolio.

• Collaborate with a team of compliance engineers to develop and execute common control strategies, ensuring consistency across audits.

• Partner with Cisco Business Units (BUs) to support the adoption and compliance with Common Cloud Controls.

• Serve as a subject matter expert for relevant security compliance frameworks, providing guidance and expertise to product and engineering teams.

• Conduct information security assessments over a portfolio of products and prepare reports summarizing compliance results and remediation plans.

• Work with CloudARC leaders and Product Management to develop and maintain the Product Compliance roadmaps for Cisco Cloud offerings.

• Support initiatives related to data privacy, security, and cloud compliance requirements.

Required Skills:

• 2+ yearsof experience in a security or compliance role.

• Bachelor's degree inInformation Security,Computer Science, or a related field.

• Hands-on experience working with cloud platforms, particularly AWS or other major cloud environments.

• Deep expertise in regulatory compliance and security frameworks such as ISO 27001/17/18, SOC2, C5, ENS, and similar standards.

• Strong understanding of key IT security processes and services, including Secure SDLC, Identity and Access Management (IAM), Vulnerability Management, and Backup/Disaster Recovery.

Preferred Skills:

• Industry certifications such asCISA,CISSP,CCSK, or equivalent certifications.

• Master's degree inInformation Security,Computer Science, or related field.

• Consistent track record in supporting delivery of compliance reports and certifications.

• Experience partnering with auditors to drive attainment and maintenance of compliance certifications.

• Excellent communication skills, with the ability to collaborate effectively across technical and non-technical teams.

• Highly organized and adaptable, with demonstrated success leading multiple priorities in a fast-paced, evolving environment.

• Team-oriented mindset, with a dedication to collaboration, knowledge sharing, and continuous improvement.

At Cisco, we're revolutionizing how data and infrastructure connect and protect organizations in the AI era - and beyond. We've been innovating fearlessly for 40 years to create solutions that power how humans and technology work together across the physical and digital worlds. These solutions provide customers with unparalleled security, visibility, and insights across the entire digital footprint.

Fueled by the depth and breadth of our technology, we experiment and create meaningful solutions. Add to that our worldwide network of doers and experts, and you'll see that the opportunities to grow and build are limitless. We work as a team, collaborating with empathy to make really big things happen on a global scale. Because our solutions are everywhere, our impact is everywhere.

We are Cisco, and our power starts with you.

Individual pay is determined by the candidate's hiring location, market conditions, job-related skillset, experience, qualifications, education, certifications, and/or training. The full salary range for certain locations is listed below. For locations not listed below, the recruiter can share more details about compensation for the role in your location during the hiring process.

U.S. employees are offered benefits, subject to Cisco's plan eligibility rules, which include medical, dental and vision insurance, a 401(k) plan with a Cisco matching contribution, paid parental leave, short and long-term disability coverage, and basic life insurance. Please see the Cisco careers site to discover more benefits and perks. Employees may be eligible to receive grants of Cisco restricted stock units, which vest following continued employment with Cisco for defined periods of time.

U.S. employees are eligible for paid time away as described below, subject to Cisco's policies:

• 10 paid holidays per full calendar year, plus 1 floating holiday for non-exempt employees

• 1 paid day off for employee's birthday, paid year-end holiday shutdown, and 4 paid days off for personal wellness determined by Cisco

• Non-exempt employees** receive 16 days of paid vacation time per full calendar year, accrued at rate of 4.92 hours per pay period for full-time employees

• Exempt employees participate in Cisco's flexible vacation time off program, which has no defined limit on how much vacation time eligible employees may use (subject to availability and some business limitations)

• 80 hours of sick time off provided on hire date and each January 1st thereafter, and up to 80 hours ofunused sick timecarried forwardfrom one calendar yearto the next

• Additional paid time away may be requested to deal with critical or emergency issues for family members

• Optional 10 paid days per full calendar year to volunteer

For non-sales roles, employees are also eligible to earn annual bonuses subject to Cisco's policies.

Employees on sales plans earn performance-based incentive pay on top of their base salary, which is split between quota and non-quota components, subject to the applicable Cisco plan. For quota-based incentive pay, Cisco typically pays as follows:

• .75% of incentive target for each 1% of revenue attainment up to 50% of quota;

• 1.5% of incentive target for each 1% of attainment between 50% and 75%;

• 1% of incentive target for each 1% of attainment between 75% and 100%; and

• Once performance exceeds 100% attainment, incentive rates are at or above 1% for each 1% of attainment with no cap on incentive compensation.

For non-quota-based sales performance elements such as strategic sales objectives, Cisco may pay 0% up to 125% of target. Cisco sales plans do not have a minimum threshold of performance for sales incentive compensation to be paid.

The applicable full salary ranges for this position, by specific state, are listed below:

New York City Metro Area:

Non-Metro New York state & Washington state:

* For quota-based sales roles on Cisco's sales plan, the ranges provided in this posting include base pay and sales target incentive compensation combined.

** Employees in Illinois, whether exempt or non-exempt, will participate in a unique time off program to meet local requirements.