Security Compliance Engineer

Meet the Team 

As a member of the Integrated Risk and Compliance team within Cisco’s Network Platform Security Organization (NPSO), you will help ensure Cisco’s networking platforms meet the security, compliance, and regulatory expectations of enterprise, government, and regulated customers. The team works across product, engineering, security, legal, privacy, and customer-facing organizations to translate complex compliance obligations into clear, actionable technical outcomes.

The Integrated Risk and Compliance team supports regulatory assessments, control validation, risk assessment, privacy guidance, and continuous compliance across Cisco’s networking portfolio. We explain system architecture, document security controls, coordinate evidence collection, assess regulatory impact, performance privacy along with risk assessment, and drive remediation activities so Cisco solutions can be deployed with confidence in complex and highly scrutinized environments.

Your Impact 

• Act as the primary technical point of contact for IRAP assessments and commercial compliance/regulatory inquiries. 
• Explain Dashboard infrastructure, system architecture, data flows, and security controls to assessors and regulators. 
• Partner with global Compliance and Security teams to prepare evidence, documentation, and responses for IRAP. 
• Coordinate with Engineering Teams to validate and implement required controls. 
• Track changes to ASD ISM, IRAP guidance, Essential Eight, Australian government cloud/security expectations, and applicable privacy or critical infrastructure requirements; assess impact to Dashboard services. 
• Contribute to audit readiness, remediation efforts, and continuous compliance improvements. 
• Maintain IRAP control mappings against Cisco CCF controls, including applicability, implementation status, ownership, evidence sources, and compensating controls.
• Own the end-to-end IRAP assessment lifecycle, including scope definition, assessor engagement, evidence collection, assessment logistics, report review, and post-assessment remediation tracking.
• Translate IRAP findings into prioritized engineering requirements, risk treatment plans, exceptions, and executive-level status reporting.
• Review IRAP assessment reports, letters of completion, and customer-facing assurance materials for technical accuracy and consistency.

Minimum Qualifications

• Bachelor’s degree in Computer Science, Engineering, Information Security, or a related field, or equivalent practical experience.
• 3-7 years of experience in security engineering, cloud/infrastructure engineering, security assurance, or technical compliance.
• Strong understanding of cloud infrastructure, networking, system architecture, identity and access management, encryption, logging, vulnerability management, and security control implementation.
• Experience supporting security assessments or compliance frameworks such as IRAP, ASD ISM, ISO 27001, SOC 2, PCI DSS, FedRAMP, or similar.
• Ability to interpret security control requirements and translate them into technical evidence, architecture narratives, remediation plans, and engineering requirements.
• Ability to clearly explain complex technical and compliance topics to engineers, assessors, customers, auditors, and non-technical stakeholders.
• Experience coordinating cross-functional work with Security, Compliance, Engineering, Legal, Product, and customer-facing teams. 

Preferred Qualifications

• Familiarity with ASD ISM, IRAP assessment processes, Essential Eight, or Australian government cloud security expectations.
• Experience with cloud compliance programs for government or regulated customers.
• Background working with global or multinational technology companies

• Experience creating or maintaining system security plans, control matrices, architecture diagrams, data flow diagrams, or customer-facing security documentation.
• Relevant certifications such as CISSP, CCSP, CISM, CISA, ISO 27001 Lead Implementer/Auditor, AWS/Azure/GCP security certifications, or equivalent.

At Cisco, we’re revolutionizing how data and infrastructure connect and protect organizations in the AI era – and beyond. We’ve been innovating fearlessly for 40 years to create solutions that power how humans and technology work together across the physical and digital worlds. These solutions provide customers with unparalleled security, visibility, and insights across the entire digital footprint.

Fueled by the depth and breadth of our technology, we experiment and create meaningful solutions. Add to that our worldwide network of doers and experts, and you’ll see that the opportunities to grow and build are limitless. We work as a team, collaborating with empathy to make really big things happen on a global scale. Because our solutions are everywhere, our impact is everywhere. 

We are Cisco, and our power starts with you.