About this role:
Cilium Tetragon is a flexible, Kubernetes-aware security tool, with real-time observability and enforcement. Leveraging the power of eBPF, Tetragon offers a low-overhead, in kernel solution that enhances security posture by monitoring system behaviors such as process executions, system call activities, and both network and file access events.
Tetragon Threat Detection Engineers primarily focus on creating and maintaining
Tetragon runtime security policies, based on the latest threat intelligence, vulnerability disclosures, and their own research.
Policies can act either as a mitigation to known vulnerabilities or as monitoring and protection against unknown security issues.
What you’ll do:
Develop and maintain Tetragon runtime security policies to ensure customers have good visibility of suspicious activity on their infrastructure and are protected against the latest emerging threats
Help design frameworks and architectures that allow customers to easily consume policies and understand their overall security posture
Monitor vulnerability disclosures (CVEs) and the latest threat intelligence to develop Tetragon runtime security policies
Work with software engineers at Isovalent and Cisco to improve and enhance the capabilities of Tetragon security policies
Interact with solution architects and customers as necessary to support and deploy Tetragon security policies in production
Publish content and give talks based on your work
Minimum Qualifications:
3+ years of experience in threat and/or vulnerability research
3+ years of experience in developing security detections at scale, for use in a wide range of environments
3+ years of experience working on Linux system security (e.g., capabilities, LSMs, etc.)
Good communication skills, both written and verbal
Preferred Qualifications:
Experience with eBPF (extended Berkeley Packet Filter) and its applications in security.
Experience with the cloud-native ecosystem (containers, Kubernetes, etc.) and their Linux implementation (e.g., Linux cgroups, namespaces)
At Cisco, we’re revolutionizing how data and infrastructure connect and protect organizations in the AI era – and beyond. We’ve been innovating fearlessly for 40 years to create solutions that power how humans and technology work together across the physical and digital worlds. These solutions provide customers with unparalleled security, visibility, and insights across the entire digital footprint.
Fueled by the depth and breadth of our technology, we experiment and create meaningful solutions. Add to that our worldwide network of doers and experts, and you’ll see that the opportunities to grow and build are limitless. We work as a team, collaborating with empathy to make really big things happen on a global scale. Because our solutions are everywhere, our impact is everywhere.
We are Cisco, and our power starts with you.
Skills Required
- 3+ years of experience in threat and/or vulnerability research
- 3+ years of experience in developing security detections at scale
- 3+ years of experience working on Linux system security (e.g., capabilities, LSMs)
- Good communication skills, both written and verbal
- Experience with eBPF (extended Berkeley Packet Filter)
- Experience with cloud-native ecosystem (containers, Kubernetes) and Linux implementation (cgroups, namespaces)
Cisco Compensation & Benefits Highlights
The following summarizes recurring compensation and benefits themes identified from responses generated by popular LLMs to common candidate questions about Cisco and has not been reviewed or approved by Cisco.
-
Healthcare Strength — Comprehensive medical, dental, and vision coverage, mental health support via an EAP, and access to on-site or virtual health centers indicate robust healthcare offerings. Wellness programs, fitness resources, and specialized services further reinforce coverage depth.
-
Leave & Time Off Breadth — Generous PTO, a global minimum for paid parental leave, and unique programs like company-wide recharge days and paid volunteer time expand time-away options. Additional offerings such as Critical Time Off and adoption assistance add flexibility for life events.
-
Equity Value & Accessibility — Restricted stock units and a discounted employee stock purchase plan are meaningful elements of total compensation. The prominence of equity can materially augment overall pay packages alongside salary and bonuses.
Cisco Insights
What We Do
Cisco (NASDAQ: CSCO) enables people to make powerful connections--whether in business, education, philanthropy, or creativity. Cisco hardware, software, and service offerings are used to create the Internet solutions that make networks possible--providing easy access to information anywhere, at any time. Cisco was founded in 1984 by a small group of computer scientists from Stanford University. Since the company's inception, Cisco engineers have been leaders in the development of Internet Protocol (IP)-based networking technologies. Today, with more than 71,000 employees worldwide, this tradition of innovation continues with industry-leading products and solutions in the company's core development areas of routing and switching, as well as in advanced technologies such as home networking, IP telephony, optical networking, security, storage area networking, and wireless technology. In addition to its products, Cisco provides a broad range of service offerings, including technical support and advanced services. Cisco sells its products and services, both directly through its own sales force as well as through its channel partners, to large enterprises, commercial businesses, service providers, and consumers.









