Top Secret Cisco ISE Admin

JOB DESCRIPTION

Insight Global is looking for a Secret Cisco ISE Administrator to support a large government client at Dahlgren, Virginia. This person should have an active Secret clearance, at a minimum, to support the NAVSEA program. Daily duties/tasks include: · Identifying endpoints · Enabling the creation and enforcement of security policies for endpoint devices · Configure, implement, and troubleshoot ISE · Create policies for unseen network devices in a mixed environment, to include profiling devices, defining Downloadable Access Control Lists (DACL’s), and assigning Virtual Local Area Network (VLAN) to endpoints. · Implement 802.1x solutions to all “supplicant-enabled” devices via AnyConnect software and Network Access Manager (NAM) profiles using EAP-MSCHAPv2/TLS encryption methods. · Integrate with wired data, wireless infrastructure, and Virtual Private Network (VPN), as well as posture and client provisioning. · Configure and implement TACACS policies for network device administration. · Manage firewall and network security systems by establishing and enforcing approved policies · Analyze network security requirements and implement perimeter security changes · Serve as a subject matter expert in coordinating and troubleshooting with customers, other infrastructure support activities and business units · Monitor network performance and implement performance tuning as necessary · Responsible for installing software, applying patches, managing file systems, and monitoring performance of ISE systems · Performs data backups and restoration of managed systems · Assist in the certification and accreditation process for managed systems and networks · Install and deploy of new ISE hardware and software · Review daily logs for managed systems and report on unusual activity · Participate in the development and maintenance of Standard Operating Procedures (SOPs) associated with managed systems and applications - Provide input for a monthly progress and status report For someone with this experience, we are looking to compensate between $45-$57/hr.

REQUIRED SKILLS AND EXPERIENCE

1. Bachelor's Degree in applicable field 2. Top Secret Clearance 3. Must meet 8570 IAT Level 2 Compliance: Sec , CySA , etc 4. 10 Years of experience in networking, IT, or other related field. a. Ability to configure and troubleshoot routing and switched infrastructure b. Experience in Network Security: i.e. Device Hardening and patching 5. 3-4 years of experience working with Cisco ISE a. Must have the ability to configure, maintain the policies and troubleshoot the appliance b. Needs to understand how ISE functions and operates i. I.e. Endpoint identification, authentication, and authorization 6. Working knowledge and experience of Windows Active Directory

NICE TO HAVE SKILLS AND EXPERIENCE

- Master's Degree - Certs: CCNP, CCNP Security, CCNA - Cisco Access Control System (ACS), specifically with “role-based” TACACS commands/profiles - PxGrid, ThreatGrid and Security Group Tags(SGT’s) for back-end communication between Cisco Firepower and ISE server - Cisco Prime, MDM, ASA, DNS/DHCP, Network Load-Balancing, and 802.11a/b/g/n Wireless technologies and industry best practices. - Active Directory knowledge(e.g. Organizational Unit(OU) identification, domain “trusts”, Domain Name System(DNS), identity resolution)

Compensation: $48/hr to $62/hr.

Exact compensation may vary based on several factors, including skills, experience, and education.

Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.