Responsibilities:
- Designs, deploys, and maintains Cisco Identity Services Engine (ISE) solutions to enhance network security and access control across DoD enterprise environments
- Leads the configuration of authentication, authorization, and accounting (AAA) policies, integrating Cisco ISE with firewalls, VPNs, and endpoint posture validation systems
- Performs security assessments aligned with FISMA and RMF frameworks, ensuring compliance with NIST and ISO 27001 standards
- Implements and manages SIEM tools, firewalls, and IDS/IPS systems to monitor and protect network infrastructure
- Troubleshoots 802.1x authentication issues, posture validation failures, and quarantine VLAN placement, ensuring seamless user access and endpoint compliance
- Collaborates with SD-WAN and JRSS teams to support network migrations and firewall policy conversions using scripting tools like Python
- Maintains ISE node backups, upgrades firmware to remediate vulnerabilities, and configures external integrations with TACACS+, RADIUS, and Active Directory
- Provides technical leadership and mentorship to junior engineers, contributing to documentation and Visio topology diagrams for current and future network states
- CISSP, Security+, CISM certifications
- Experience with security assessments (FISMA, RMF)
- Experience with SIEM tools, firewalls, IDS/IPS
- Experience with Cisco ISE configuration and integration
- Familiarity with NIST and ISO 27001 standards
- Applicants selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information
The pay range is the lowest to highest compensation we reasonably in good faith believe we would pay at posting for this role. We may ultimately pay more or less than this range. Employee pay is based on factors like relevant education, qualifications, certifications, experience, skills, seniority, location, performance, union contract and business needs. This range may be modified in the future.
We offer comprehensive benefits including medical/dental/vision insurance, HSA, FSA, 401(k), and life, disability & ADD insurance to eligible employees. Salaried personnel receive paid time off. Hourly employees are not eligible for paid time off unless required by law. Hourly employees on a Service Contract Act project are eligible for paid sick leave.
Note: Pay is not considered compensation until it is earned, vested and determinable. The amount and availability of any compensation remains in Kforce's sole discretion unless
and until paid and may be modified in its discretion consistent with the law.
This job is not eligible for bonuses, incentives or commissions.
Kforce is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.
By clicking âApply Todayâ you agree to receive calls, AI-generated calls, text messages or emails from Kforce and its affiliates, and service providers. Note that if you choose to communicate with Kforce via text messaging the frequency may vary, and message and data rates may apply. Carriers are not liable for delayed or undelivered messages. You will always have the right to cease communicating via text by using key words such as STOP.
