JOB TITLE: Cisco Identity Service Engine (ISE) Engineer
DEPARTMENT: Government Agency – Washington, DC
GENERAL JOB DESCRIPTION:
The Network Security Engineer will perform duties/tasks specifically related to engineering of Cisco Identity Services Engine (ISE), Wireless LAN (WLAN), Prime Infrastructure (PI) and Adaptive Security Appliance (ASA). You will provide policy management and control platform for wired, wireless, and VPN users. ISE is currently used for 802.1X authentication and Network Access Controls across all mediums utilizing the 802.1X framework. AnyConnect is currently deployed for VPN access along with Posture and Application Visibility modules.
QUALIFICATIONS FOR THE JOB:
The Network Security Engineer should have strong business communication skills with strong verbal communications to interface effectively, strong customer service and must be able to effectively conduct and interpret tests and troubleshoot solutions of highly complex operational problems while being detailed oriented and organized, to understand Security Framework, ensure accuracy of work while being able to identify and resolve problems or inadequacies of systems operations.
MAJOR DUTIES & RESPONSIBILITIES:
- Excellent understanding of PKI infrastructure to assist, maintain and troubleshoot 802.1X EAP-TLS issues.
- Network Access Control (NAC) / Cisco Identity Services Engine (ISE) integration with wired data, wireless infrastructure, and VPN, as well as posture and client provisioning
- Configuration in wired, wireless, VPN configurations using device profiling, posturing, PxGrid, ThreatGrid and SGT’s
- Hands-On Cisco ISE experience required
- Build and analyze ISE rules to comply with client network security policies
- Ensure adherence to defined Network security processes.
- Proficient in the configuration, implementation and troubleshooting of Cisco ISE, Prime, MDM, ASA, DNS/DHCP, Network Load-Balancing, and 802.11a/b/g/n Wireless technologies and industry best practices.
- High level knowledge of Cisco security solutions including firewalls and advanced capabilities like FirePOWER services.
Preferred Technical Skills:
- Understanding of Microsoft PKI environment
- Configure and manage ISE deployment
- Enforcement of ISE on numerous floors at various sites
- Cisco AnyConnect Modules – (VPN, Posture, NAM)
- NetScaler Load-balancer
- 802.1X troubleshooting WLAN/Switching
- Microsoft Intune (MDM)
- Cisco Adaptive Security Appliance (ASA)
- Stealthwatch and Passive Identity (ISE-PIC) integration
- Knowledge of IBM BigFix, Microsoft SCCM and other network assessment tools
- Demonstrated ability to be detail oriented and organized
- Excellent communication and customer relationship skills
- Experience with Service Now ticketing system