This job offer is no longer available
About
Job Location: Santa Clara CA
Job Type: Contract
Job Duration: Long Term.
Office location- Santa Clara, CA 95054, United States
Job Description:- Design, deploy, configure, and maintain Cisco ISE for network access control (NAC) and identity-based policy enforcement. Implement 802.1X authentication, MAB (MAC Authentication Bypass), and posture assessment for wired and wireless networks. Manage device profiling, guest access portals, BYOD policies, and certificate-based authentication (EAP-TLS/PEAP). Integrate ISE with Active Directory, PKI, and other authentication systems. Develop and maintain ISE policies, network device groups, and authorization profiles. Monitor ISE logs and troubleshoot authentication and authorization issues. Perform ISE patching, backup, and system upgrades as part of lifecycle management. Firewall Responsibilities:
Configure, manage, and troubleshoot Cisco ASA, Firepower (FTD), Palo Alto, or Fortinet firewalls. Create and maintain access control policies (ACLs), NAT, VPNs, and security zones. Monitor and analyze firewall logs to detect anomalies or potential security breaches. Collaborate with security teams to enforce Zero Trust and micro-segmentation strategies. Conduct firewall performance tuning and ensure compliance with security standards. Good to have
General Network Security:
Collaborate with network operations and security teams to ensure consistent policy enforcement across wired, wireless, and VPN environments. Participate in incident response, root cause analysis, and remediation for security events. Develop and maintain network documentation, diagrams, and standard operating procedures (SOPs). Required Skills & Qualifications:
Bachelor's degree in Computer Science, Information Technology, or related field. 5+ years of experience in network security engineering. Hands-on experience with Cisco ISE (2.x or 3.x) deployment and management. Strong understanding of RADIUS, TACACS+, EAP, 802.1X, VLANs, and network access control. Experience with Cisco ASA, Firepower, or next-generation firewalls (NGFW). Proficiency with Cisco Catalyst switches, wireless controllers, and VPN technologies. Familiar with network monitoring tools (SolarWinds, Splunk, Wireshark, etc.). Cisco certifications such as CCNP Security, CCIE Security, or Cisco ISE Specialist are highly desirable. Preferred Qualifications:
Experience with multi-vendor firewall platforms (Palo Alto, Fortinet, Check Point). Understanding of Zero Trust Network Access (ZTNA) and SASE architectures. Familiarity with automation and scripting (Python, Ansible) for network configurations.
Languages
- English
Notice for Users
This job was posted by one of our partners. You can view the original job source here.