Cisco · 1 week ago
Principal Machine Learning Engineer
San Jose, CA
Full-time
Onsite
Lead/Staff
$292K/yr - $369K/yrCisco is an innovative company revolutionizing how data and infrastructure connect and protect organizations in the AI era. They are seeking a Principal Machine Learning Engineer to design and build automated workflows for threat triage and response, prototype new AI features, and collaborate with cross-functional teams to enhance security operations.
Communications InfrastructureEnterprise SoftwareHardwareSoftware
Responsibilities
Design and build agentic workflows that combine detection signals, context, and playbooks to automate threat triage and response
Prototype and test new AI features—from enrichment agents to incident summarization—working closely with security SMEs to validate real-world utility
Develop an AIOps pipeline to enable rapid experimentation with prompts, models, and RAG systems, using clear, measurable success criteria to evaluate iterations
Evaluate model outputs for accuracy, reliability, and usability, then prototype and deploy improvements based on structured feedback and testing
Collaborate with product and platform teams to co-design AI-enhanced TDIR workflows that are intuitive, scalable, and immediately useful to analysts
Contribute to the core architecture powering AI-native security operations, helping to shape how Splunk and Cisco scale trusted automation across the enterprise
Qualification
Required
Security Operations Experience – Understanding of security operations concepts, including detection, triage, investigation, and response
Security Telemetry Fluency – Comfortable working with common data sources such as endpoint logs, network traffic, authentication events, or cloud audit trails—and understanding how they're used in detection and investigation workflows
Senior-Level Python Development – Consistent record building scalable backend services, APIs, and automation workflows in Python
DevOps/SecOps Practices – Proficient with CI/CD pipelines, version control (GitHub/GitLab), Jira, and automated testing frameworks
Security Automation – Experience building and integrating with product APIs to drive SecOps efficiency
Cross-Functional Collaboration – Comfortable partnering with product managers, security SMEs, and engineers to iterate quickly and deliver impactful solutions
Prompt Engineering & LLM Integration – Skilled in crafting, testing, and optimizing prompts for large language models. Ideally, you have contributed to or shipped an AI-powered feature or product, and understand the nuances of integrating LLMs into real-world workflows—including usability, performance, and trust considerations
AI Evaluation & Experimentation – Capable of designing experiments to evaluate LLM output for accuracy, usability, performance, and cost
Preferred
SOAR/SIEM Familiarity – Experience working with security data and/or tools such as SIEM/SOAR platforms (e.g., Splunk), whether from a practitioner, developer, or automation perspective
Splunk Enterprise Security (ES) Experience – Familiarity with ES architecture, correlation searches, notables, and risk-based alerting. Bonus if you've worked with Splunk's APIs, internals, or have experience developing on the Splunk platform
Security Operations Background – Former Tier 3 SOC analyst or equivalent, with experience automating SecOps workflows and building scalable, resilient detection infrastructure
RAG and Vector Search Implementation – Hands-on experience developing retrieval-augmented generation pipelines and working with vector databases (e.g., FAISS, Pinecone)
LLM Fine-Tuning and Embeddings – Exposure to fine-tuning large language models or generating custom embeddings for domain-specific tasks in cybersecurity
Security Data Engineering – Experience building and maintaining pipelines for ingesting, parsing, and normalizing large-scale security telemetry
UX and Human Factors for Analysts – Background or interest in designing intuitive, AI-assisted analyst workflows with a focus on usability, trust, and decision support
Benefits
Medical, dental and vision insurance
401(k) plan with a Cisco matching contribution
Paid parental leave
Short and long-term disability coverage
Basic life insurance
10 paid holidays per full calendar year, plus 1 floating holiday for non-exempt employees
1 paid day off for employee’s birthday
Paid year-end holiday shutdown
4 paid days off for personal wellness determined by Cisco
16 days of paid vacation time per full calendar year, accrued at rate of 4.92 hours per pay period for full-time employees
Flexible vacation time off program
80 hours of sick time off provided on hire date and each January 1st thereafter
Up to 80 hours of unused sick time carried forward from one calendar year to the next
Additional paid time away may be requested to deal with critical or emergency issues for family members
Optional 10 paid days per full calendar year to volunteer
Annual bonuses subject to Cisco’s policies
Company
Cisco
Cisco develops, manufactures, and sells networking hardware, telecommunications equipment, and other technology services and products. It is a sub-organization of Cisco Press.
Founded in 1984
10001+ employees
H1B Sponsorship
Cisco has a track record of offering H1B sponsorships. Please note that this does not
guarantee sponsorship for this specific role. Below presents additional info for your
reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (1238)
2024 (1231)
2023 (1273)
2022 (2127)
2021 (1991)
2020 (1173)
Funding
Current Stage
Public CompanyTotal Funding
unknown1990-02-13IPO
Leadership Team
Chuck Robbins
Chair and CEO
Carl Solder
Chief Technology Officer - Cisco System Australia/New Zealand
Recent News
Company data provided by crunchbase