Cisco ISE Architect - DHS

CyKor, LLC - Alexandria, VA

About The Position

CyKor is a fast-growing Service-Disabled Veteran Owned business providing full-service IT solutions to both federal and commercial clients. We attribute our continued growth to our core values, our professional team, and the valuable relationships with our clients. Our small and growing team fosters an environment in which each team member is respected, valued, and appreciated for their contributions.

Role Overview: We are seeking a Cisco Identity Services Engine (ISE) Subject Matter Expert (SME) to support the design, development, testing, and deployment of Comply-to-Connect (C2C) identity and authorization solutions for DHS networks. This Architect will help design and develop an end-to-end C2C framework that aligns with DoD Zero Trust principles and security compliance requirements.

Requirements

  • Active DoD Secret Clearance (or higher)
  • IAT Level III certification such as CCIE Security, CCNP Security, or Cisco ISE Specialist / DoD 8570/8140: Security+ CE, CISSP, or CASP+
  • 7+ years of ISE design and deployment experience in DoD environments
  • Proven experience implementing DoD C2C solutions, including endpoint identification, compliance enforcement, and automated remediation workflows
  • 802.1X/EAP-TLS, supplicant configuration (Windows/macOS/Linux), MAB fallback, guest/BYOD posture and profiling
  • TrustSec/SGT design
  • pxGrid, ERS/REST APIs, Python automation
  • Enterprise PKI (DoD PKI/CAC, AD CS, SCEP/EST)
  • Core routing/switching, TACACS+, wireless integration
  • Familiarity with DISA STIGs, RMF, ACAS/Tenable, and audit documentation
  • Scripting experience (Python, REST APIs), version control (Git), and Infrastructure-as-Code familiarity

Responsibilities

  • Lead architecture and design of Cisco ISE 3.x solutions (multi-node personas, PSN scaling, redundancy, PKI integration, backup/DR).
  • Map ISE capabilities (802.1X/EAP-TLS, MAB, profiling, posture, SGT/TrustSec, pxGrid, TACACS+) to DoD C2C controls and Zero Trust policies.
  • Design and document high-level (HLD) and low-level (LLD) architectures, test plans, cutover/runbooks, and operational documentation.
  • Work jointly with another Architect to ensure consistent design standards and interoperability across USCG network segments.
  • Support configuration, testing, and deployment of ISE-based NAC solutions across campus, data center, and wireless infrastructures.
  • Integrate ISE with adjacent tools and platforms, including:
      o SIEMs (Splunk/Elastic)
      o Next-Generation Firewalls
      o Endpoint Protection/EDR, MDM/UEM (Intune, JAMF)
      o Vulnerability Management (Tenable/ACAS)
      o ITSM platforms
  • Support RMF/ATO documentation (SSP inputs, POA&Ms, control traceability).
  • Act as the technical SME and primary liaison for DHS stakeholders, security teams, and third-party vendors.
  • Participate in joint architecture reviews and cross-domain integration testing with DHS engineering teams.