Today
Top Secret
Senior Level Career (10+ yrs experience)
IT - Networking
Dahlgren, VA (Off-Site/Hybrid)
Job Description:
TEKsystems is seeking a Cisco Identity Services Engineer (ISE) Administrator to provide Design and Engineering Operation and Maintenance support for ISE systems on the classified and unclassified Research, Development, Test and Evaluation (RDTE) networks at Dahlgren, VA.
As an Cisco ISE Administrator, you will identify endpoints, and enable the creation and enforcement of security and access policies for endpoint devices connected to the company’s routers and switches, in order to simplify identity management across diverse devices and applications.
Responsibilities:
• Configure, implement, and troubleshoot ISE.
• Build and analyze ISE rules to comply with client network security policies.
• Create policies for unseen network devices in a mixed environment, to include profiling devices, defining Downloadable Access Control Lists (DACL’s), and assigning Virtual Local Area Network (VLAN) to endpoints.
• Implement 802.1x solutions to all “supplicant-enabled” devices via AnyConnect software and Network Access Manager (NAM) profiles using EAP-MSCHAPv2/TLS encryption methods.
• Integrate with wired data, wireless infrastructure, and Virtual Private Network (VPN), as well as posture and client provisioning.
• Configure and implement TACACS+ policies for network device administration.
• Manage firewall and network security systems by establishing and enforcing approved policies
• Analyze network security requirements and implement perimeter security changes
• Serve as a subject matter expert in coordinating and troubleshooting with customers, other infrastructure support activities and business units
• Develop network documentation of security infrastructure
• Monitor network performance and implement performance tuning as necessary
• Responsible for installing software, applying patches, managing file systems, and monitoring performance of ISE systems
• Performs data backups and restoration of managed systems
• Assist in the certification and accreditation process for managed systems and networks
• Install and deploy of new ISE hardware and software
• Review daily logs for managed systems and report on unusual activity
• Participate in the development and maintenance of Standard Operating Procedures (SOPs) associated with managed systems and applications
• Collaborate with IT staff on projects and initiatives
• Provide input for a monthly progress and status report
Desired Skills
• Cisco Access Control System (ACS), specifically with “role-based” TACACS+ commands/profiles
• PxGrid, ThreatGrid and Security Group Tags(SGT’s) for back-end communication between Cisco Firepower and ISE server
• Cisco Prime, MDM, ASA, DNS/DHCP, Network Load-Balancing, and 802.11a/b/g/n Wireless technologies and industry best practices.
• Active Directory knowledge(e.g. Organizational Unit(OU) identification, domain “trusts”, Domain Name System(DNS), identity resolution)
• Ten (10) years of experience in networking, IT, or other related fields preferred
• Bachelor's Degree required
• ISE certifications: CCNP (SISE) highly desirable
• Solid experience configuring and troubleshooting routing and switched infrastructure (e.g. CCNA, CCNP Security) and security certifications highly desirable
• Experience in network security including: Device Hardening and patching
• Experience with Cisco AnyConnect or related supplicants.
• Experience with Public Key Infrastructure (PKI) to assist, maintain and troubleshoot 802.1X EAP-TLS issues
• Experience with MAC Authentication Bypass (MAB) and 802.1X troubleshooting concepts.
• Knowledge of Cisco AnyConnect Modules – (VPN, Posture, NAM)
• Diagnose and resolve complex network problems and improve network performance and reliability
• Must currently hold a DoD 8570 Information Assurance Technical Level II certifications
• Position requires a strong understanding of ISE functions and operations (e.g. endpoint identification, authentication, authorization)
• Familiarity with researching communication networks
• Must have strong troubleshooting and critical thinking skills
• Strong attention to detail, good documentation skills, ability to write clear, concise project reports
• Ability to function with minimal instruction or supervision, or as a part of larger team reporting to formal project management
Physical Demands:
• Must be able to lift up to 10-20 pounds
• Must be able to stand and walk for prolonged amounts of time
• Must be able to twist, bend and squat periodically
• SECURITY CLEARANCE REQUIREMENTS: Must currently hold a security clearance at the Top Secret level. US Citizenship is a requirement for this contract.
Eligibility requirements apply to some benefits and may depend on your job classification and length of employment. Benefits are subject to change and may be subject to specific elections, plan, or program terms. If eligible, the benefits available for this temporary role may include the following:
• Medical, dental & vision
• Critical Illness, Accident, and Hospital
• 401(k) Retirement Plan – Pre-tax and Roth post-tax contributions available
• Life Insurance (Voluntary Life & AD&D for the employee and dependents)
• Short and long-term disability
• Health Spending Account (HSA)
• Transportation benefits
• Employee Assistance Program
• Time Off/Leave (PTO, Vacation or Sick Leave)
TEKsystems is seeking a Cisco Identity Services Engineer (ISE) Administrator to provide Design and Engineering Operation and Maintenance support for ISE systems on the classified and unclassified Research, Development, Test and Evaluation (RDTE) networks at Dahlgren, VA.
As an Cisco ISE Administrator, you will identify endpoints, and enable the creation and enforcement of security and access policies for endpoint devices connected to the company’s routers and switches, in order to simplify identity management across diverse devices and applications.
Responsibilities:
• Configure, implement, and troubleshoot ISE.
• Build and analyze ISE rules to comply with client network security policies.
• Create policies for unseen network devices in a mixed environment, to include profiling devices, defining Downloadable Access Control Lists (DACL’s), and assigning Virtual Local Area Network (VLAN) to endpoints.
• Implement 802.1x solutions to all “supplicant-enabled” devices via AnyConnect software and Network Access Manager (NAM) profiles using EAP-MSCHAPv2/TLS encryption methods.
• Integrate with wired data, wireless infrastructure, and Virtual Private Network (VPN), as well as posture and client provisioning.
• Configure and implement TACACS+ policies for network device administration.
• Manage firewall and network security systems by establishing and enforcing approved policies
• Analyze network security requirements and implement perimeter security changes
• Serve as a subject matter expert in coordinating and troubleshooting with customers, other infrastructure support activities and business units
• Develop network documentation of security infrastructure
• Monitor network performance and implement performance tuning as necessary
• Responsible for installing software, applying patches, managing file systems, and monitoring performance of ISE systems
• Performs data backups and restoration of managed systems
• Assist in the certification and accreditation process for managed systems and networks
• Install and deploy of new ISE hardware and software
• Review daily logs for managed systems and report on unusual activity
• Participate in the development and maintenance of Standard Operating Procedures (SOPs) associated with managed systems and applications
• Collaborate with IT staff on projects and initiatives
• Provide input for a monthly progress and status report
Desired Skills
• Cisco Access Control System (ACS), specifically with “role-based” TACACS+ commands/profiles
• PxGrid, ThreatGrid and Security Group Tags(SGT’s) for back-end communication between Cisco Firepower and ISE server
• Cisco Prime, MDM, ASA, DNS/DHCP, Network Load-Balancing, and 802.11a/b/g/n Wireless technologies and industry best practices.
• Active Directory knowledge(e.g. Organizational Unit(OU) identification, domain “trusts”, Domain Name System(DNS), identity resolution)
• Ten (10) years of experience in networking, IT, or other related fields preferred
• Bachelor's Degree required
• ISE certifications: CCNP (SISE) highly desirable
• Solid experience configuring and troubleshooting routing and switched infrastructure (e.g. CCNA, CCNP Security) and security certifications highly desirable
• Experience in network security including: Device Hardening and patching
• Experience with Cisco AnyConnect or related supplicants.
• Experience with Public Key Infrastructure (PKI) to assist, maintain and troubleshoot 802.1X EAP-TLS issues
• Experience with MAC Authentication Bypass (MAB) and 802.1X troubleshooting concepts.
• Knowledge of Cisco AnyConnect Modules – (VPN, Posture, NAM)
• Diagnose and resolve complex network problems and improve network performance and reliability
• Must currently hold a DoD 8570 Information Assurance Technical Level II certifications
• Position requires a strong understanding of ISE functions and operations (e.g. endpoint identification, authentication, authorization)
• Familiarity with researching communication networks
• Must have strong troubleshooting and critical thinking skills
• Strong attention to detail, good documentation skills, ability to write clear, concise project reports
• Ability to function with minimal instruction or supervision, or as a part of larger team reporting to formal project management
Physical Demands:
• Must be able to lift up to 10-20 pounds
• Must be able to stand and walk for prolonged amounts of time
• Must be able to twist, bend and squat periodically
• SECURITY CLEARANCE REQUIREMENTS: Must currently hold a security clearance at the Top Secret level. US Citizenship is a requirement for this contract.
Eligibility requirements apply to some benefits and may depend on your job classification and length of employment. Benefits are subject to change and may be subject to specific elections, plan, or program terms. If eligible, the benefits available for this temporary role may include the following:
• Medical, dental & vision
• Critical Illness, Accident, and Hospital
• 401(k) Retirement Plan – Pre-tax and Roth post-tax contributions available
• Life Insurance (Voluntary Life & AD&D for the employee and dependents)
• Short and long-term disability
• Health Spending Account (HSA)
• Transportation benefits
• Employee Assistance Program
• Time Off/Leave (PTO, Vacation or Sick Leave)
group id: 10105424
Accelerating IT transformation in the public sector
