Job Requirements
Stuttgart, Germany
Top Secret Polygraph Unspecified
Career Level not specified
$87,100 - $157,450
Job Description
R-00184097
Description
We are seeking an expert-level Cisco ISE Subject Matter Expert to support the U.S. Africa Command (AFRICOM) mission. This role serves as the primary technical authority for a large-scale, distributed Cisco ISE deployment. The focus is on securing the DoD enterprise network through advanced Identity and Access Management, Zero Trust architecture, and endpoint compliance. The successful candidate will ensure secure, policy-driven access across a highly classified, globally dispersed infrastructure, serving as the cornerstone for the command's Zero Trust transformation.
Key Duties & Responsibilities
Required Qualifications (TESA Standards)
To satisfy the Technical Expert criteria, candidates must meet one of the following education/experience paths:
Additional Core Requirements:
Preferred Qualifications
If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo — because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 — and moving faster than anyone else dares.
Original Posting: June 2, 2026
For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.
Pay Range: Pay Range $87,100.00 - $157,450.00
The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
About Leidos
Leidos is an industry and technology leader serving government and commercial customers with smarter, more efficient digital and mission innovations. Headquartered in Reston, Virginia, with 47,000 global employees, Leidos reported annual revenues of approximately $16.7 billion for the fiscal year ended January 3, 2025. For more information, visit www.Leidos.com .
Pay and Benefits
Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available at www.leidos.com/careers/pay-benefits .
Securing Your Data
Beware of fake employment opportunities using Leidos’ name. Leidos will never ask you to provide payment-related information during any part of the employment application process (i.e., ask you for money), nor will Leidos ever advance money as part of the hiring process (i.e., send you a check or money order before doing any work). Further, Leidos will only communicate with you through emails that are generated by the Leidos.com automated system – never from free commercial services (e.g., Gmail, Yahoo, Hotmail) or via WhatsApp, Telegram, etc. If you received an email purporting to be from Leidos that asks for payment-related information or any other personal information (e.g., about you or your previous employer), and you are concerned about its legitimacy, please make us aware immediately by emailing us at LeidosCareersFraud@leidos.com .
If you believe you are the victim of a scam, contact your local law enforcement and report the incident to the U.S. Federal Trade Commission .
Commitment to Non-Discrimination
All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.
Description
We are seeking an expert-level Cisco ISE Subject Matter Expert to support the U.S. Africa Command (AFRICOM) mission. This role serves as the primary technical authority for a large-scale, distributed Cisco ISE deployment. The focus is on securing the DoD enterprise network through advanced Identity and Access Management, Zero Trust architecture, and endpoint compliance. The successful candidate will ensure secure, policy-driven access across a highly classified, globally dispersed infrastructure, serving as the cornerstone for the command's Zero Trust transformation.
Key Duties & Responsibilities
- Zero Trust Architecture (ZTA) Execution: Architect and deploy Zero Trust Network Access (ZTNA) principles using Cisco ISE to strictly enforce least-privilege access across the enterprise network.
- Continuous Trust Verification: Develop and maintain dynamic, context-aware access policies that continuously evaluate user identity, device posture, location, and telemetry before granting or maintaining network access.
- Micro-Segmentation for ZTA: Engineer and maintain Cisco TrustSec, Security Group Tags (SGTs), and Security Group Access Control Lists (SGACLs) to contain lateral movement and enforce granular network segmentation.
- DoD ZT Alignment: Ensure all ISE integrations directly support the "Identity" and "Device" pillars of the DoD Zero Trust Reference Architecture.
- ISE Architecture: Design, deploy, and manage multi-node, distributed Cisco ISE deployments including Policy Administration (PAN), Monitoring (MnT), Policy Service (PSN), and pxGrid nodes.
- Network Access Control: Implement and troubleshoot 802.1X, MAC Authentication Bypass (MAB), and WebAuth across enterprise wired, wireless, and VPN infrastructures.
- Device Administration: Manage TACACS+ for centralized network device administration and strict role-based access control (RBAC).
- Endpoint Profiling & Posture: Configure advanced endpoint profiling and deep posture assessments to ensure only compliant DoD devices can connect to mission-critical enclaves.
- Integrations: Integrate ISE with external identity stores (Active Directory, LDAP), Public Key Infrastructure (PKI), Mobile Device Management (MDM), and SIEM platforms.
- Mission Support: Perform complex packet-level troubleshooting (RADIUS, EAP-TLS, EAP-TEAP) to resolve authentication failures and ensure continuous AFRICOM mission readiness.
Required Qualifications (TESA Standards)
To satisfy the Technical Expert criteria, candidates must meet one of the following education/experience paths:
- Bachelor’s Degree in a technical discipline plus 3+ years of relevant technical experience.
- Associate’s Degree in a technical discipline plus 7+ years of relevant technical experience.
- A minimum of 11+ years of specialized, relevant technical experience in lieu of a degree.
Additional Core Requirements:
- Clearance: Must possess an active Top Secret security clearance.
- Compliance: Must meet DoD 8570/8140 IAT Level II baseline certification (e.g., Security+ CE).
- Specialized Expertise: Minimum of 5 years of hands-on engineering experience dedicated to Cisco ISE, NAC, and AAA protocols.
- Protocol Mastery: Deep understanding of RADIUS, TACACS+, EAP protocols (specifically EAP-TLS and TEAP), and PKI certificate lifecycles.
Preferred Qualifications
- Specific Cisco Certifications such as CCNP Security (specifically the SISE 300-715 exam) or CCIE Security.
- Familiarity with the DoD Zero Trust Strategy and related architecture pillars.
- Experience with Cisco DNA Center (Catalyst Center) and Software-Defined Access (SDA) integrations.
- Scripting experience using Python or REST APIs for automating ISE policy deployments and endpoint management.
If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo — because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 — and moving faster than anyone else dares.
Original Posting: June 2, 2026
For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.
Pay Range: Pay Range $87,100.00 - $157,450.00
The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
About Leidos
Leidos is an industry and technology leader serving government and commercial customers with smarter, more efficient digital and mission innovations. Headquartered in Reston, Virginia, with 47,000 global employees, Leidos reported annual revenues of approximately $16.7 billion for the fiscal year ended January 3, 2025. For more information, visit www.Leidos.com .
Pay and Benefits
Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available at www.leidos.com/careers/pay-benefits .
Securing Your Data
Beware of fake employment opportunities using Leidos’ name. Leidos will never ask you to provide payment-related information during any part of the employment application process (i.e., ask you for money), nor will Leidos ever advance money as part of the hiring process (i.e., send you a check or money order before doing any work). Further, Leidos will only communicate with you through emails that are generated by the Leidos.com automated system – never from free commercial services (e.g., Gmail, Yahoo, Hotmail) or via WhatsApp, Telegram, etc. If you received an email purporting to be from Leidos that asks for payment-related information or any other personal information (e.g., about you or your previous employer), and you are concerned about its legitimacy, please make us aware immediately by emailing us at LeidosCareersFraud@leidos.com .
If you believe you are the victim of a scam, contact your local law enforcement and report the incident to the U.S. Federal Trade Commission .
Commitment to Non-Discrimination
All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.
group id: SCNCAPI2
Introducing the Next Level of Leidos
