Job Description: Cisco ISE Senior Engineer
Key Responsibilities· Design & Architectureo Lead the design and architecture of Cisco ISE solutions for enterprise-scale networks.o Develop and implement NAC (Network Access Control) policies, profiling, posture assessment, BYOD, and guest access solutions.o Integrate Cisco ISE with Active Directory, PKI, firewalls, VPNs, and other security platforms.o Provide recommendations for network segmentation, Zero Trust, and role-based access controls.· Implementation & Configurationo Deploy, configure, and optimize Cisco ISE in standalone or distributed deployments.o Implement TACACS+ and RADIUS for device administration and authentication.o Configure 802.1X authentication for wired and wireless clients.o Develop advanced policies using attributes, certificates, and dynamic VLAN assignments.· Operations & Supporto Perform root cause analysis and resolve complex ISE-related issues.o Maintain and upgrade Cisco ISE clusters, patches, and system integrations.o Monitor system performance, logs, and security incidents.o Create and maintain technical documentation, runbooks, and operational procedures.· Collaboration & Leadershipo Act as a subject matter expert (SME) for Cisco ISE in customer engagements or internal teams.o Mentor junior engineers and provide knowledge transfer.o Work with network, security, and infrastructure teams to ensure compliance with enterprise security standards and frameworks.o Engage in security audits and compliance assessments (e.g., ISO 27001, NIST, PCI-DSS).---
Qualifications· Education & Certificationso Bachelor’s degree in Computer Science, Information Technology, or related field (preferred).o Cisco certifications such as CCNP Security, CCIE Security, or Cisco ISE Specialist certification (highly desirable).
· Experienceo 3–5+ years of experience in network security engineering.o 3–5+ years of hands-on experience with Cisco ISE (design, implementation, operations).o Proven track record in designing NAC solutions for large enterprise or OT/IoT environments.
· Technical Skillso Strong knowledge of Cisco ISE (2.x/3.x), 802.1X, MAB, EAP protocols.o Experience with Active Directory/LDAP, PKI, and MFA integrations.o Knowledge of RADIUS, TACACS+, and device access policies.o Familiarity with Cisco DNA Center, ASA/Firepower, and VPN solutions.o Understanding Zero Trust security models, segmentation, and identity-based access.o Scripting (Python, REST APIs) for automation and reporting (optional but valuable).
· Soft Skillso Strong problem-solving and analytical skills.o Ability to lead technical discussions and influence design decisions.o Excellent written and verbal communication for both technical and executive-level audiences.o Ability to work independently and manage multiple priorities.---
Preferred Experience· Large-scale multi-site Cisco ISE deployments (50k+ endpoints).· Integration with third-party NAC, SIEM, or MDM solutions (e.g., Microsoft Intune, Splunk, Palo Alto).· Experience in OT/industrial environments with ISE segmentation.· Participation in compliance-driven security environments (finance, healthcare, energy, etc.).