Cisco ISE Administrator (Identity Services Engine)

Job Description

As an ISE Administrator, you will identify endpoints, and enable the creation and enforcement of security and access policies for endpoint devices connected to the company’s routers and switches, in order to simplify identity management across diverse devices and applications.

Essential Duties and Responsibilities

• Configure, implement, and troubleshoot ISE
• Build and analyze ISE rules to comply with client network security policies
• Create policies for unseen network devices in a mixed environment, to include profiling devices, defining Downloadable Access Control Lists (DACL’s), and assigning Virtual Local Area Network (VLAN) to endpoints
• Implement 802.1x solutions to all “supplicant-enabled” devices via AnyConnect software and Network Access Manager (NAM) profiles using EAP-MSCHAPv2/TLS encryption methods
• Integrate with wired data, wireless infrastructure, and Virtual Private Network (VPN), as well as posture and client provisioning
• Configure and implement TACACS+ policies for network device administration.
• Manage firewall and network security systems by establishing and enforcing approved policies
• Analyze network security requirements and implement perimeter security changes
• Serve as a subject matter expert in coordinating and troubleshooting with customers, other infrastructure support activities and business units
• Develop network documentation of security infrastructure
• Monitor network performance and implement performance tuning as necessary
• Responsible for installing software, applying patches, managing file systems, and monitoring performance of ISE systems
• Performs data backups and restoration of managed systems
• Assist in the certification and accreditation process for managed systems and networks
• Install and deploy of new ISE hardware and software
• Review daily logs for managed systems and report on unusual activity
• Participate in the development and maintenance of Standard Operating Procedures (SOPs) associated with managed systems and applications
• Collaborate with IT staff on projects and initiatives
• Provide input for a monthly progress and status report

Qualifications

• ISE certifications: CCNP (SISE) highly desirable
• Solid experience configuring and troubleshooting routing and switched infrastructure (e.g. CCNA, CCNP Security) and security certifications highly desirable
• Experience in network security including: Device Hardening and patching
• Experience with Cisco AnyConnect or related supplicants
• Experience with Public Key Infrastructure (PKI) to assist, maintain and troubleshoot 802.1X EAP-TLS issues
• Experience with MAC Authentication Bypass (MAB) and 802.1X troubleshooting concepts
• Knowledge of Cisco AnyConnect Modules – (VPN, Posture, NAM)
• Diagnose and resolve complex network problems and improve network performance and reliability
• This position requires an active DoD Clearance (Secret, Top Secret, Top Secret/SCI) or the ability to be obtain an (Interim Secret, Interim Top Secret)
• Because an active or interim DoD clearance is required, U.S. Citizenship is required

Benefits

• Medical, dental & vision
• Critical Illness, Accident, and Hospital
• 401(k) Retirement Plan – Pre-tax and Roth post-tax contributions available
• Life Insurance (Voluntary Life & AD&D for the employee and dependents)
• Short and long-term disability
• Health Spending Account (HSA)
• Transportation benefits
• Employee Assistance Program
• Time Off/Leave (PTO, Vacation or Sick Leave)