Forensic Analyst Technical Leader

Job Summary: With the geopolitical landscape evolving daily, and high-profile attacks relentlessly targeting critical infrastructure and network providers, this requires a new standard of defence. Cybersecurity is the Cisco Security and Trust Organisation’s top priority. From product development to operations to data protection, we strive to embed security throughout our products. We have a requirement for an experienced threat researcher to join our team. This individual will specialise in understanding and analysing how threat actors exploit, compromise, and maintain persistence within network infrastructure platforms. This role focuses on developing deep insights into adversary tactics, techniques, and procedures (TTPs) specifically as they relate to networking, security, and collaboration solutions. Key Responsibilities: Forensic Analysis : Collect and analyse logs, packet captures, memory, and disk evidence from Cisco equipment to identify threat actor activity in customer networks. Network infrastructure Threat Analysis: Conduct in-depth research into security vulnerabilities and adversary TTPs, with a primary focus on how these impact or leverage Cisco infrastructure platforms (e.g., routers, switches, firewalls, security software, collaboration tools). Adversary Behaviour on network infrastructure: Analyse and document how threat actors achieve initial compromise, establish persistence, move laterally, and exfiltrate data when operating within or targeting environments utilising Cisco technologies. Information Dissemination: Produce clear, concise, and actionable threat intelligence reports, briefings, and advisories for internal stakeholders (e.g., product development, incident response, security operations) and potentially external customers, highlighting Cisco-specific implications and recommended mitigations. Vulnerability and Exploit Research: Investigate and understand how vulnerabilities within Cisco products could be exploited by adversaries, contributing to proactive defence strategies. Collaboration: Work closely with Cisco product teams, security engineers, incident responders, and other intelligence analysts to identify and fix vulnerabilities leading to active exploits. Minimum Qualifications and Experience: Australian Citizenship Preferably a current Positive Vetting (TSPV) security clearance or be willing to obtain The preferred applicant will be required to successfully complete an ASD Organisational Suitability Assessment (OSA), which is a mandatory requirement for this position. Proven experience in digital forensic analysis, threat research, cybersecurity research, or a related field. Strong understanding of adversary TTPs. Demonstrable knowledge of Cisco networking, security, or collaboration platforms and their underlying technologies. Experience with network and endpoint forensics Familiarity with operational security principles and practices. Desired Skills: Ability to analyse complex technical data and translate it into clear, actionable advice. Strong deductive reasoning ability Proactive problem solver and highly developed sense of curiosity Ability to work in a dynamic, rapidly moving work environment Excellent verbal and written communications skills Proficiency in at least one scripting language (e.g. Python, bash) Familiarity with C or C (for code review and white-box security research) Why Cisco? At Cisco, we’re revolutionizing how data and infrastructure connect and protect organizations in the AI era – and beyond. We’ve been innovating fearlessly for 40 years to create solutions that power how humans and technology work together across the physical and digital worlds. These solutions provide customers with unparalleled security, visibility, and insights across the entire digital footprint. Fueled by the depth and breadth of our technology, we experiment and create meaningful solutions. Add to that our worldwide network of doers and experts, and you’ll see tha ... (truncated, view full listing at source)