Network Security Engineer

About The Position

Requirements

• Experience providing hands-on engineering and troubleshooting support for enterprise Cisco switches and routers within a large-scale network infrastructure
• Responsible for designing, configuring, monitoring, and troubleshooting Cisco ISE as a NAC/NAM platform, including TACACS+/RADIUS services, device administration policies, and wired/wireless 802.1X authentication.
• Experience working with Cisco ISE deployed on Cisco SNS‑3715 appliances, preferably in a two‑node clustered, high‑availability setup.
• Experience providing general wireless network support, including basic troubleshooting, controller interactions, and wireless access workflows.
• Hands‑on experience integrating Cisco ISE with Active Directory (AD) and LDAP, including identity lookups, group‑based policy decisions, and directory‑based authentication.
• Eight (8) years of experience in a large government organization with five (5) years in technical leadership, including four (4) years implementing, managing and troubleshooting Cisco ISE with expertise in: Authentication and authorization policies (RADIUS/TACACS+); 1X/EAP methods for wireless and wired access; Device profiling, posture checks, and endpoint compliance; Certificate‑based authentication (EAP‑TLS) and PKI integration; AAA integrations for switches, appliances, firewalls, and wireless controllers
• Experience supporting Cisco ISE integrations with Cisco 9800 Wireless LAN Controllers, including guest/registration page redirection and wireless onboarding.
• Experience migrating legacy NAC, RADIUS, or device authentication systems into Cisco ISE while aligning with Zero Trust principles.
• Four (4) years of experience supporting identity‑centric or Zero Trust architectures with strong knowledge of segmentation, certificate management, and endpoint posture controls.
• Solid understanding of telecommunications, network security, and Zero Trust best practices.
• Strong communication skills with the ability to explain Cisco ISE, NAC/NAM, and AAA concepts to both technical and non‑technical audiences.
• Bachelor’s degree in Information Technology, Cybersecurity, or a related field.
• ABILITY TO OBTAIN A DOL PUBLIC TRUST CLEARANCE (Must be a U.S. Citizen or Green Card Holder residing in the United States for more than 3.5 years

Nice To Haves

• Preferred certifications: Cisco CCNP Security, Cisco ISE Specialist, or similar identity/security certifications.

Responsibilities

• Support a large-scale routing and switching infrastructure by assisting the team with the operation and maintenance of Cisco Catalyst 9300, 3850, 2960 and Nexus 2k, 5k, 7k series switches.
• Troubleshoot and resolve Cisco ISE issues across RADIUS, TACACS+, 802.1X, device administration, and endpoint authentication.
• Deploy, configure, and maintain Cisco ISE running on two clustered Cisco SNS-3715 appliances, ensuring high availability and consistent policy enforcement.
• Provide general wireless support, including basic troubleshooting, wireless access workflows, and coordination with wireless infrastructure teams.
• Configure and support Cisco ISE integrations with Cisco 9800 WLCs, including guest/registration portals, wireless onboarding, and policy-driven access control.
• Integrate and maintain Cisco ISE with Active Directory (AD) and LDAP, including identity lookups, group-based authorization, and directory-based authentication workflows.
• Deploy, configure, and maintain Cisco ISE components, including: Policy Sets, Authorization Profiles, and Authentication Rules; TACACS+ device administration; 1X for wired and wireless networks; Profiling, posture, and compliance policies; Certificate-based authentication and PKI integrations.
• Monitor security events using ISE logs, syslog, and performing root cause analysis for authentication and access issues.
• Manage identity integrations, enforce security policies, and tune configurations to support Zero Trust and improve user experience.
• Perform routine health checks, upgrades, migrations, and document changes through SOPs, engineering designs, and implementation procedures.
• Work closely with engineering, operations, and compliance teams while mentoring junior staff and contributing to knowledge sharing efforts.

Benefits

• top-tier benefits package to invest in your physical, mental, and financial health and wellness