Own your opportunity to work with the largest government agency in the nation. Make an impact by advancing the Department of Defense’s mission to keep our country safe and secure.
Job DescriptionJob Description:
To design, implement, and manage networks using Cisco’s Identity Service Engine (ISE). The engineer will be responsible for defining network access policies, managing network access security, and ensuring the smooth operation of the network.
Key Responsibilities:
Scalability Management: The engineer should ensure that the ISE solution can support hundreds of thousands of simultaneous connecting users along with millions of wired and wireless devices.
Access Control: The engineer should manage access control lists for further evaluation of unmanaged or illegal devices.
Integration: The engineer should be able to integrate ISE with other systems like Microsoft Active Directory for user validation and with certificate authorities for device access validation.
Compliance Checks: The engineer should be able to perform automated compliance checks with software technology providers.
Visibility: The engineer should be able to provide visibility into user devices, receiving a detailed overview of users’ devices and overall security status.
Risk Assessment: The engineer should be able to rapidly and without the use of scanners or agents provide a holistic view of every asset connected to the network.
Training: The engineer should be able to train others on the use of Cisco ISE, including its architecture, deployment, policy enforcement, and other functions.
Profiling: The engineer should be able to configure and customize Cisco ISE Profiling and create profiling reports.
Endpoint Compliance: The engineer should be able to configure Cisco ISE Compliance Services, Client Posture Services, and Provisioning.
VPN Integration: The engineer should be able to integrate ASA and ISE for VPN users, including configuring ASA and Cisco ISE for VPN Authentication, Authorization, and Posture
DESIRED QUALIFICATIONS:
Deep understanding of Cisco ISE and DNA Center.
Experience with defining network access policies and managing network access security.
Ability to design networks and define network policies.
Experience in infrastructure provisioning.
Completed Cisco ISE and DNA Training
BA/BS (or equivalent experience)
5+ years of experience
Must be 8570 Compliant:
IAT Level II Certification (Security+ or SSCP, or CySA+ or
AND Operating System Computing Environment Certification (CCNP Security Specialty ISE 300-715 SISE: Implementing and Configuring Cisco Identity Services Engine.