Job Title

Meet the Team We are an agile team with a startup feel and a strong bias for action. We move fast, embrace failure as part of the process, and stay focused on solving real-world problems for defenders on the front lines. Our team blends deep expertise in AI, cybersecurity, and platform engineering. We are driven by a shared belief that the only way to outpace hackers is through AI advancements that free up humans to tackle real threats and more challenging problems. This is a place for builders who thrive in ambiguity, challenge the status quo, and care deeply about making a meaningful impact. If youu2019re energized by tough problems, excited to shape the future of cyber defense, and eager to work alongside passionate experts, youu2019ll feel right at home. Your Impact + Design and build agentic workflows that combine detection signals, context, and playbooks to automate threat triage and response. + Prototype and test new AI features u2014from enrichment agents to incident summarizationu2014working closely with security SMEs to validate real-world utility. + Develop an AIOps pipeline to enable rapid experimentation with prompts, models, and RAG systems, using clear, measurable success criteria to evaluate iterations. + Evaluate model outputs for accuracy, reliability, and usability, then prototype and deploy improvements based on structured feedback and testing. + Collaborate with product and platform teams to co-design AI-enhanced TDIR workflows that are intuitive, scalable, and immediately useful to analysts. + Contribute to the core architecture powering AI-native security operations, helping to shape how Splunk and Cisco scale trusted automation across the enterprise. Minimum Qualifications Security: + Security Operations Experience u2013 Understanding of security operations concepts, including detection, triage, investigation, and response. + Security Telemetry Fluency u2013 Comfortable working with common data sources such as endpoint logs, network traffic, authentication events, or cloud audit trailsu2014and understanding how theyu2019re used in detection and investigation workflows. Engineering Experience: + Senior-Level Python Development u2013 Consistent record building scalable backend services, APIs, and automation workflows in Python. + DevOps/SecOps Practices u2013 Proficient with CI/CD pipelines, version control (GitHub/GitLab), Jira, and automated testing frameworks. + Security Automation u2013 Experience building and integrating with product APIs to drive SecOps efficiency. + Cross-Functional Collaboration u2013 Comfortable partnering with product managers, security SMEs, and engineers to iterate quickly and deliver impactful solutions. AI/LLM: + Prompt Engineering & LLM Integration u2013 Skilled in crafting, testing, and optimizing prompts for large language models. Ideally, you have contributed to or shipped an AI-powered feature or product, and understand the nuances of integrating LLMs into real-world workflowsu2014including usability, performance, and trust considerations. + AI Evaluation & Experimentation u2013 Capable of designing experiments to evaluate LLM output for accuracy, usability, performance, and cost Preferred Qualifications + SOAR/SIEM Familiarity u2013 Experience working with security data and/or tools such as SIEM/SOAR platforms (e.g., Splunk), whether from a practitioner, developer, or automation perspective. + Splunk Enterprise Security (ES) Experience u2013 Familiarity with ES architecture, correlation searches, notables, and risk-based alerting. Bonus if youu2019ve worked with Splunku2019s APIs, internals, or have experience developing on the Splunk platform. + Security Operations Background u2013 Former Tier 3 SOC analyst or equivalent, with experience automating SecOps workflows and building scalable, resilient detection infrastructure. + RAG and Vector Search Implementation u2013 Hands-on experience developing retrieval-augmented generation pipelines and working with vector databases (e.g., FAISS, Pinecone). + LLM Fine-Tuning and Embeddings u2013 Exposure to fine-tuning large language models or generating custom embeddings for domain-specific tasks in cybersecurity. + Security Data Engineering u2013 Experience building and maintaining pipelines for ingesting, parsing, and normalizing large-scale security telemetry. + UX and Human Factors for Analysts u2013 Background or interest in designing intuitive, AI-assisted analyst workflows with a focus on usability, trust, and decision support. Why Cisco? At Cisco, weu2019re revolutionizing how data and infrastructure connect and protect organizations in the AI era u2013 and beyond. Weu2019ve been innovating fearlessly for 40 years to create solutions that power how humans and technology work together across the physical and digital worlds. These solutions provide customers with unparalleled security, visibility, and insights across the entire digital footprint. Fueled by the depth and breadth of our technology, we experiment and create meaningful solutions. Add to that our worldwide network of doers and experts, and youu2019ll see that the opportunities to grow and build are limitless. We work as a team, collaborating with empathy to make really big things happen on a global scale. Because our solutions are everywhere, our impact is everywhere. We are Cisco, and our power starts with you. Message to applicants applying to work in the U.S. and/or Canada: The starting salary range posted for this position is $291,500.00 to $369,100.00 and reflects the projected salary range for new hires in this position in U.S. and/or Canada locations, not including incentive compensation, equity, or benefits. Individual pay is determined by the candidate's hiring location, market conditions, job-related skillset, experience, qualifications, education, certifications, and/or training. The full salary range for certain locations is listed below. For locations not listed below, the recruiter can share more details about compensation for the role in your location during the hiring process. U.S. employees are offered benefits, subject to Ciscou2019s plan eligibility rules, which include medical, dental and vision insurance, a 401(k) plan with a Cisco matching contribution, paid parental leave, short and long-term disability coverage, and basic life insurance. Please see the Cisco careers site to discover more benefits and perks. Employees may be eligible to receive grants of Cisco restricted stock units, which vest following continued employment with Cisco for defined periods of time. U.S. employees are eligible for paid time away as described below, subject to Ciscou2019s policies: + 10 paid holidays per full calendar year, plus 1 floating holiday for non-exempt employees + 1 paid day off for employeeu2019s birthday, paid year-end holiday shutdown, and 4 paid days off for personal wellness determined by Cisco + Non-exempt employees receive 16 days of paid vacation time per full calendar year, accrued at rate of 4.92 hours per pay period for full-time employees + Exempt employees participate in Ciscou2019s flexible vacation time off program, which has no defined limit on how much vacation time eligible employees may use (subject to availability and some business limitations) + 80 hours of sick time off provided on hire date and each January 1st thereafter, and up to 80 hours of unused sick time carried forward from one calendar year to the next + Additional paid time away may be requested to deal with critical or emergency issues for family members + Optional 10 paid days per full calendar year to volunteer For non-sales roles, employees are also eligible to earn annual bonuses subject to Ciscou2019s policies. Employees on sales plans earn performance-based incentive pay on top of their base salary, which is split between quota and non-quota components, subject to the applicable Cisco plan. For quota-based incentive pay, Cisco typically pays as follows: + .75% of incentive target for each 1% of revenue attainment up to 50% of quota; + 1.5% of incentive target for each 1% of attainment between 50% and 75%; + 1% of incentive target for each 1% of attainment between 75% and 100%; and + Once performance exceeds 100% attainment, incentive rates are at or above 1% for each 1% of attainment with no cap on incentive compensation. For non-quota-based sales performance elements such as strategic sales objectives, Cisco may pay 0% up to 125% of target. Cisco sales plans do not have a minimum threshold of performance for sales incentive compensation to be paid. The applicable full salary ranges for this position, by specific state, are listed below: New York City Metro Area: $291,500.00 - $424,400.00 Non-Metro New York state & Washington state: $259,400.00 - $377,600.00 For quota-based sales roles on Ciscou2019s sales plan, the ranges provided in this posting include base pay and sales target incentive compensation combined. Employees in Illinois, whether exempt or non-exempt, will participate in a unique time off program to meet local requirements.Cisco is an Affirmative Action and Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, national origin, genetic information, age, disability, veteran status, or any other legally protected basis. Cisco will consider for employment, on a case by case basis, qualified applicants with arrest and conviction records.