The application window is expected to close on: 04/22/2026

Job posting may be removed earlier if the position is filled or if a sufficient number of applications are received.

Meet the Team

We are looking for a seasoned, detail-oriented security professional to join our Unified Incident Command (UIC) team. UIC ensures a coordinated, clear, and effective response across Cisco Security & Trust (S&TO) incident teams when handling key security incidents. The core purpose of Unified Incident Command is to drive consistency, collaboration, decisiveness, and speed in incident response efforts. Our team is distributed around the globe, and delivers strategic oversight and coordination for high-impact security incidents, assurance and control to mitigate unnecessary escalation, informed decision making, and accurate, timely, and unbiased communication.

The Security Incident Manager is a senior role responsible for managing, documenting and communicating with key team members for enterprise-level security incidents. The Security Incident Manager will act as a key liaison among Cisco’s S&TO investigations teams, as well as cross-functional partner teams such as: Engineering, Legal, Communications, Product Management, and IT. This individual will drive teams to ensure timely detection, containment, mitigation, and communication regarding threats, vulnerabilities and attacks, while minimizing operational disruptions.

This role can be performed anywhere in the United States.

Your Impact

Incident Response Leadership:

• Lead and ensure alignment across the working teams responsible for all phases of incident response, including detection, containment, analysis, mitigation, recovery and communication.
• Drive decision making and implementation of action plans to manage incidents, coordinating efforts across technical and business teams, as well as leaders and trusted subject matter experts.
• Identify gaps that are delaying decision-making and assign owners or call out to leadership to close such gaps.
• Ensure alignment to the organization's incident response frameworks, playbooks, and regulatory requirements.

Strategic Communication:

• Capture/document all facts, decisions, action items, partner team involvement, investigation progress, and core communication in the case management system, and ensure evidence materials are archived.
• Provide detailed, actionable reports during and after incidents, including root cause analysis and mitigation strategies.
• Serve as the main point of contact for incident updates to executive leadership and internal team members. And partner with external-facing stakeholders to ensure messaging is clear and consistent.

Collaboration and Coordination:

• Collaborate with S&TO incident teams (such as CSIRT, PSIRT, DCI), as well as Legal, IT, Engineering, Risk Management, Privacy and other organizations to ensure a unified response.
• Engage with customer-facing teams, third-party vendors, and customers when necessary.

Preparation and Readiness:

• Update and refine UIC documentation and processes to further define, streamline, and improve security incident response efforts, and ensure thoroughness/clarity of case documentation.
• Develop, maintain, and test incident response plans, playbooks, and escalation procedures.
• Conduct and support tabletop exercises and simulations to train and prepare teams.

Post-Incident Activities:

• Drive post-mortem sessions, capture and share key findings, and clearly assign ownership for long-term fixes / preventative measures identified during the sessions.

Compliance and Reporting:

• Support Cisco's effort to ensure compliance with regulations, certification obligations, and organizational policies during incident response.
• Stay informed about emerging threats and trends in cybersecurity to improve response capabilities.

Minimum Qualifications

• Bachelor’s degree.
• 3+ years of experience of security-related work in the Technology/IT Industry.
• Demonstrated experience managing incidents or crisis response, or leading multi-functional teams to deliver large-scale projects.
• Excellent written and verbal communication abilities in English.
• Experience engaging with senior-level security executives.

Preferred Qualifications

• Exceptional leadership skills, and the ability to make decisions under pressure.
• An ability to learn and apply new information quickly.
• Strong critical thinking, analytical, and problem-solving skills.
• A team-oriented, collaborative mentality, with the ability to coordinate/delegate an occasional 24 x 7 workload across geographic participants.
• Strong understanding of regulatory requirements and industry certifications and standards (e.g., CSL, DSL, PIPL, GDPR, HIPAA, FedRAMP, ISO, PCI-DSS).
• Certifications such as GIAC Certified Incident Handler (GCIH), CISSP, CISM, Security+, or Certified Information Systems Auditor (CISA).

Work Environment

• Remote work environment with some occasional on-site presence required as needed.
• On-call rotation availability to respond to critical incidents.
• Alternate work hours and job responsibilities may be required as the team manages 24x7x365 cybersecurity incidents within a global operations team.

Why Cisco? 

At Cisco, we’re revolutionizing how data and infrastructure connect and protect organizations in the AI era – and beyond. We’ve been innovating fearlessly for 40 years to create solutions that power how humans and technology work together across the physical and digital worlds. These solutions provide customers with unparalleled security, visibility, and insights across the entire digital footprint.

Fueled by the depth and breadth of our technology, we experiment and create meaningful solutions. Add to that our worldwide network of doers and experts, and you’ll see that the opportunities to grow and build are limitless. We work as a team, collaborating with empathy to make really big things happen on a global scale. Because our solutions are everywhere, our impact is everywhere. 

We are Cisco, and our power starts with you. 

Message to applicants applying to work in the U.S. and/or Canada:

The starting salary range posted for this position is $130,600.00 to $182,200.00 and reflects the projected salary range for new hires in this position in U.S. and/or Canada locations, not including incentive compensation*, equity, or benefits.

Individual pay is determined by the candidate's hiring location, market conditions, job-related skillset, experience, qualifications, education, certifications, and/or training. The full salary range for certain locations is listed below. For locations not listed below, the recruiter can share more details about compensation for the role in your location during the hiring process.

U.S. employees are offered benefits, subject to Cisco’s plan eligibility rules, which include medical, dental and vision insurance, a 401(k) plan with a Cisco matching contribution, paid parental leave, short and long-term disability coverage, and basic life insurance. Please see the Cisco careers site to discover more benefits and perks.  Employees may be eligible to receive grants of Cisco restricted stock units, which vest following continued employment with Cisco for defined periods of time.

U.S. employees are eligible for paid time away as described below, subject to Cisco’s policies:

• 10 paid holidays per full calendar year, plus 1 floating holiday for non-exempt employees

• 1 paid day off for employee’s birthday, paid year-end holiday shutdown, and 4 paid days off for personal wellness determined by Cisco

• Non-exempt employees** receive 16 days of paid vacation time per full calendar year, accrued at rate of 4.92 hours per pay period for full-time employees

• Exempt employees participate in Cisco’s flexible vacation time off program, which has no defined limit on how much vacation time eligible employees may use (subject to availability and some business limitations)

• 80 hours of sick time off provided on hire date and each January 1st thereafter, and up to 80 hours of unused sick time carried forward from one calendar year to the next

• Additional paid time away may be requested to deal with critical or emergency issues for family members

• Optional 10 paid days per full calendar year to volunteer

For non-sales roles, employees are also eligible to earn annual bonuses subject to Cisco’s policies.

Employees on sales plans earn performance-based incentive pay on top of their base salary, which is split between quota and non-quota components, subject to the applicable Cisco plan. For quota-based incentive pay, Cisco typically pays as follows:

• .75% of incentive target for each 1% of revenue attainment up to 50% of quota;

• 1.5% of incentive target for each 1% of attainment between 50% and 75%;

• 1% of incentive target for each 1% of attainment between 75% and 100%; and

• Once performance exceeds 100% attainment, incentive rates are at or above 1% for each 1% of attainment with no cap on incentive compensation.

For non-quota-based sales performance elements such as strategic sales objectives, Cisco may pay 0% up to 125% of target. Cisco sales plans do not have a minimum threshold of performance for sales incentive compensation to be paid.

The applicable full salary ranges for this position, by specific state, are listed below:

New York City Metro Area:

$152,400.00 - $255,100.00

Non-Metro New York state & Washington state:

$134,300.00 - $224,800.00

* For quota-based sales roles on Cisco’s sales plan, the ranges provided in this posting include base pay and sales target incentive compensation combined.

** Employees in Illinois, whether exempt or non-exempt, will participate in a unique time off program to meet local requirements.