Posted today
Secret
$170,000 - $185,000
Unspecified
Alexandria, VA (On-Site/Office)
Piper Companies is seeking an experienced Comply-to-Connect (C2C) Architect to support a major U.S. Coast Guard (USCG) security modernization program. This fully remote role (with limited travel) focuses on designing and deploying Cisco Identity Services Engine (ISE) solutions that strengthen network access control and align with DoD Zero Trust and C2C requirements.
Key Responsibilities
Qualifications
Compensation & Benefits
Keywords
Cisco ISE, Identity Services Engine, ISE 3.x, Network Access Control, NAC, Comply-to-Connect, C2C, DoD C2C, Zero Trust, DoD Zero Trust, 802.1X, EAP-TLS, MAB, Supplicant Configuration, Windows Supplicant, macOS Supplicant, Linux Supplicant, Device Profiling, Posture Assessment, Guest/BYOD, TrustSec, SGT, Security Group Tags, pxGrid, TACACS+, ERS API, REST API, Python Automation, Python Scripting, DoD PKI, CAC, SCEP, EST, AD CS, Enterprise PKI, RMF, ATO, SSP, POA&M, DISA STIGs, ACAS, Tenable, Vulnerability Management, Splunk, Elastic, SIEM Integration, NGFW Integration, Firewall Integration, EDR, Endpoint Protection, Intune, JAMF, MDM, UEM, Routing and Switching, Wireless Integration, Infrastructure-as-Code, Git, Version Control, High-Level Design, Low-Level Design, HLD, LLD, Runbooks, Cutover Plans, Architecture Documentation, DoD Networks, USCG, Federal Networks, Secret Clearance, IAT Level III, CCNP Security, CCIE Security, Cisco ISE Specialist, Security+, CISSP, CASP+.
Key Responsibilities
- Lead the design and architecture of Cisco ISE 3.x environments, including scaling, redundancy, PKI integration, and multi-node personas.
- Map ISE capabilities (802.1X/EAP-TLS, MAB, profiling, posture, SGT/TrustSec, pxGrid, TACACS+) to DoD C2C and Zero Trust policies.
- Develop HLDs, LLDs, test plans, runbooks, and operational documentation.
- Support configuration, testing, and deployment of ISE-based NAC across campus, data center, and wireless networks.
- Integrate ISE with SIEMs, NGFWs, EDR/MDM platforms, Tenable/ACAS, and ITSM tools.
- Contribute to RMF/ATO documentation including SSP inputs and POA&Ms.
- Serve as a technical SME for USCG stakeholders and participate in architecture reviews.
Qualifications
- Active DoD Secret clearance or higher.
- IAT Level III certification.
- 7+ years of Cisco ISE design and deployment experience in DoD or federal environments.
- Experience implementing DoD Comply-to-Connect solutions and automated remediation workflows.
- Strong knowledge of 802.1X/EAP-TLS, TrustSec/SGT, pxGrid, REST APIs, Python, DoD PKI/CAC, routing/switching, TACACS+, and wireless integration.
- Familiarity with DISA STIGs, RMF, and ACAS/Tenable.
- Preferred: CCIE Security, CCNP Security, Cisco ISE Specialist, Security+ CE, CISSP, or CASP+.
Compensation & Benefits
- Competitive salary: $170,000 - $185,000 annually.
- Comprehensive benefits package including Medical, Dental, Vision, 401(k), PTO, holidays, and sick leave as required by law.
Keywords
Cisco ISE, Identity Services Engine, ISE 3.x, Network Access Control, NAC, Comply-to-Connect, C2C, DoD C2C, Zero Trust, DoD Zero Trust, 802.1X, EAP-TLS, MAB, Supplicant Configuration, Windows Supplicant, macOS Supplicant, Linux Supplicant, Device Profiling, Posture Assessment, Guest/BYOD, TrustSec, SGT, Security Group Tags, pxGrid, TACACS+, ERS API, REST API, Python Automation, Python Scripting, DoD PKI, CAC, SCEP, EST, AD CS, Enterprise PKI, RMF, ATO, SSP, POA&M, DISA STIGs, ACAS, Tenable, Vulnerability Management, Splunk, Elastic, SIEM Integration, NGFW Integration, Firewall Integration, EDR, Endpoint Protection, Intune, JAMF, MDM, UEM, Routing and Switching, Wireless Integration, Infrastructure-as-Code, Git, Version Control, High-Level Design, Low-Level Design, HLD, LLD, Runbooks, Cutover Plans, Architecture Documentation, DoD Networks, USCG, Federal Networks, Secret Clearance, IAT Level III, CCNP Security, CCIE Security, Cisco ISE Specialist, Security+, CISSP, CASP+.
group id: 10430981
N
