IT Consulting Services, Recruitment Services | Fremont | USA - Triune Infomatics

Cisco ISE Engineer

Job Type: Contract
Work Flexibility: Occasional Travel
Location: Oakland CA
Required Skills: 802.1X/MAB/RADIUS/TACACS+ Active Directory/LDAP/OCSP/AWS PKI Cisco ISE Intune/Jamf Pro/AirWatch/Addigy NAC Policy Engineering (Profiling/Posture/BYOD/Guest) Network Security Infrastructure (Switches/WLCs/VPNs/Firewalls)

Role: Cisco ISE Engineer
Location: Oakland, CA (Hybrid – 4 to 5 days in month)
Duration: 6+ months (possible extension)
Pay Rate: $60 to $70
 
 
Overview: The client is seeking a highly experienced Cisco ISE Engineer to design, implement, and maintain a robust enterprise Network Access Control (NAC) environment. This is a senior, hands-on technical role requiring deep expertise across wired, wireless, remote access, guest, BYOD, and device administration use cases. The ideal candidate brings architectural thinking combined with day-to-day operational excellence and strong troubleshooting skills.

Key Responsibilities:
Architecture & Implementation

  • Design and implement Cisco ISE architecture for enterprise NAC across wired, wireless, remote access, guest, BYOD, and device administration environments
  • Build and manage policy sets for endpoint profiling, posture assessment, guest access, sponsor portals, BYOD onboarding, and certificate-based access

Policy Development

  • Develop and maintain authentication and authorization policies using 802.1X, MAB, RADIUS, and TACACS+
  • Create and refine policy sets aligned to security standards and operational requirements

Integration

  • Integrate Cisco ISE with identity sources including Active Directory, LDAP, OCSP, and AWS PKI
  • Connect ISE to MDM/EMM platforms: Intune, Jamf Pro, AirWatch, and Addigy
  • Configure integrations with VPN platforms, firewalls, and endpoint security tools

Troubleshooting & Operations

  • Troubleshoot complex authentication, authorization, posture, and network access issues
  • Resolve issues across switches, wireless controllers, firewalls, and VPN platforms
  • Maintain documentation, support audits, and ensure policy compliance

Required Skills & Experience:
Experience

  • 5+ years of hands-on experience in network security or network engineering
  • Direct, production-level experience with Cisco ISE is mandatory

Technical Skills

  • Cisco ISE: Architecture, policy sets, profiling, posture, guest, BYOD, sponsor portals
  • Protocols: 802.1X, MAB, RADIUS, TACACS+
  • Identity Integration: Active Directory, LDAP, OCSP, AWS PKI
  • MDM/EMM: Intune, Jamf Pro, AirWatch, Addigy
  • Network Platforms: Switches, wireless controllers, VPN platforms, firewalls
  • Certificate-based access and PKI concepts

Certifications (Required or Strongly Preferred)

  • CCNP Security
  • Cisco Certified Specialist – Security Identity Management Implementation
  • CCIE Security (a strong differentiator)

Apply for this position

Allowed Type(s): .pdf, .doc, .docx