Ivanti Network Security Engineer Consultant

Ardent Technologies, Inc. is an accredited small business providing a full range of IT support services, cybersecurity services, staff augmentation, fiscal management, and administrative support. Headquartered in Dayton, OH, near Wright-Patterson Air Force Base, Ardent has served federal, state/local government, commercial, and higher education markets across the US since 2000. Our commitment to excellence, integrity, and client satisfaction drives our growth and yours.

Job Description

We are currently seeking a highly motivated Ivanti Network Security Engineer Consultant  to join our team for a project with our esteemed client. The ideal candidate will possess deep expertise in Ivanti Pulse Secure and Ivanti Connect Secure products and a proven track record of delivering quality results.

Required Skills:

• Possesses a minimum of five years (60 months) of hands-on experience with Ivanti Pulse Secure and Ivanti Connect Secure products.
• Demonstrates a strong understanding of Networking protocols, including but not limited to, and Security concepts such as firewalls, VPNs, encryption, and Authentication protocols (LDAP, SAML, RADIUS, MFA).
• Has practical experience with Next-Generation Firewalling technologies.
• Possesses a strong working knowledge of utilizing Active Directory for authentication, authorization, and resource access within the context of Ivanti Connect Secure.

Responsibilities:

Core Responsibilities and Essential Duties:

1. Assessment

Authentication Setup Assessment:

• Inventory all user realms, profiles, and configurations on the PSA devices.
• Assess the compatibility of current configurations with the new ISA platform and the new domain authentication structure.
• New Domain Authentication Assessment:
• Review the architecture and configuration of the new domain environment.
• Identify potential integration challenges and ensure readiness for authentication migration.

1. Planning

Migration and Testing Plan:

• Develop a comprehensive migration plan for user realms and profiles, incorporating testing against the new domain environment.
• Define prerequisites for integration, including trust relationships, certificates, and access control configurations.
• Establish rollback procedures to address any migration or authentication issues.

Pre-Migration Preparation:

• Prepare ISA devices to receive migrated configurations and support the new domain authentication structure.
• Coordinate with client teams to align schedules and test periods.

3.Migration Execution

Data and Configuration Migration:

• Extract user realms, profiles, and authentication settings from the PSA devices.
• Transform and adapt extracted data for compatibility with ISA devices and the new domain environment.
• Load configurations onto ISA devices in a phased manner.

Domain Authentication Configuration:

• Enable and configure multiple domain authentication on ISA devices.
• Integrate and validate authentication protocols (SAML, Kerberos, LDAP) with the new domain structure.

1. Validation and Testing

Functional Testing:

• Test authentication workflows for all user realms and profiles against the new domain authentication structure.
• Validate user access for each domain, ensuring no disruptions or policy violations.

Failover Testing:

• Test failover and redundancy scenarios to confirm system reliability.

New Domain Compatibility Testing:

• Verify that the migrated configurations work seamlessly within the new domain authentication setup.
• Address and resolve any compatibility or integration issues.

1. Documentation and Knowledge Transfer:

• Document all migration procedures, challenges, and resolutions.
• Provide knowledge transfer to CUNY staff through detailed documentation and live demonstrations.

1. Collaboration and Support:

• Work closely with CUNY s teams, including networking, application, and support teams, to troubleshoot issues and ensure smooth integration

Essential duties:

• Key responsibilities include, but are not limited to:
• Provision Access for SSL VPN Users
• Configure Authentication Servers
• Create, configure and map Role and Realm and Resources
• Document all changes
• Create method of procedures
• Workday provisioning/ mapping Auth server/mapping or creating roles and realms /troubleshooting as needed
• Other duties as assigned.

Assessment

• Create a Current State Report
• Complete Ivanti Pulse Secure environment assessments
• Review Remote Access architecture
• Complete configuration and security assessment of all devices
• Understand and document bandwidth utilization and inventory
• Identify all issues in all layers of the architecture

Recommendations

• Authentication requirements
• Areas to create redundancy
• Hardening of the network
• Areas to upgrade technology
• Estimated cost of the upgrades
• Opportunities for cost avoidance
• Value adds for the upgrades
• Create Future State Report
• Future State Architecture map
• Future state for management of devices.
• Network and scalability projections
• Lifecycle of the future state network security upgrades
• Anticipated next-gen technology

Submit your resume to or apply directly through Dice. For immediate consideration, please include Ivanti Network Security Engineer Consultant in the subject line.

Equal Opportunity Employer

Ardent Technologies, Inc., is an equal opportunity employer that relies on the strength of a diverse workforce. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.