Cisco ISE Engineer - W2 Only

One of our clients in Oil & Gas industry is seeking a highly skilled Cisco ISE Engineer with medium to advanced expertise in Cisco Identity Services Engine (ISE). The ideal candidate will play a pivotal role in designing, deploying, and maintaining network access control solutions using Cisco ISE to ensure the security and compliance of our enterprise network. This position requires a strong understanding of network security concepts, hands-on experience with Cisco ISE, and the ability to integrate ISE with various network infrastructure components.

Title: Cisco ISE Engineer

Location: Houston, TX – Onsite (5 days a week)

Industry: Oil & Gas

Duration: Long Term Contract

W2 Only. No C2C / No Visa Sponsorship

No Relocation

Key Responsibilities:

Cisco ISE Design and Implementation:

• Design and configure Cisco ISE policies for secure network access and device management.
• Develop posture assessment policies for endpoint compliance checks.

Policy Management and Troubleshooting:

• Create and manage authentication and authorization rules for diverse user groups and device types.
• Troubleshoot issues related to user authentication, endpoint compliance, and network access.

Integration and Support:

• Integrate Cisco ISE with Active Directory.
• Ensure seamless communication between Cisco ISE and other network security tools.
• Provide ongoing support for ISE deployments, including system upgrades and performance tuning.

Monitoring and Reporting:

• Monitor network access logs and ISE system health using built-in tools and third-party monitoring solutions.
• Generate compliance reports for audits and security reviews.

Collaboration and Training:

• Work with cross-functional teams to align network security policies with business objectives.
• Train IT staff on Cisco ISE administration and best practices.

Expected Knowledge Areas:

Cisco ISE Core Concepts:

• Identity management, profiling, and guest access.
• Network access device integration (e.g., switches, wireless controllers).

Authentication and Authorization Protocols:

• Knowledge of 802.1X, EAP (PEAP, EAP-TLS), and RADIUS.
• Configuration of certificate-based authentication and PKI integration.

Endpoint Profiling and Compliance:

• Device profiling using ISE probes (e.g., DHCP, HTTP, RADIUS).
• Integration with antivirus and endpoint management systems (e.g., SCCM).

Network Access Control (NAC):

• Configuring VLANs, access control lists (ACLs), and segmentation policies.
• Dynamic VLAN assignment based on user roles.

System Administration:

• ISE cluster management, including primary/secondary node configuration.
• Backup, restoration, and software upgrades of Cisco ISE.

Security Best Practices:

• Zero Trust principles and network segmentation.
• Compliance with frameworks such as GDPR, HIPAA, or PCI-DSS.

Qualifications:

• 3 years of hands-on experience with Cisco ISE in enterprise environments.
• Strong understanding of network infrastructure, including LAN/WAN, switches, and firewalls.
• Relevant certifications such as CCNP Security, Cisco ISE Specialist, or equivalent are highly desirable.