Network Security Engineer (Cisco ISE & TrustSec)

Stafide
Eindhoven, Netherlands
5 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English

Job location

Eindhoven, Netherlands

Tech stack

IEEE 802.1X
Access Network
Border Gateway Protocol
Profiling
Local Area Networks
Network Security
Routing
Network Segmentation
Open Shortest Path First
Zero Trust Network Access
VLAN Trunking Protocol (VTP)
Identity Services Engine
Computer Network Operations
Routing & Switching
Cisco networks
Network Optimization
Legacy Systems

Job description

  • Eindhoven, Noord-Brabant

  • Vast

  • Voltijds

  • 15 uren geleden

As a Network Security Engineer, you will:

  • Lead the design and implementation of network sub-segmentation strategies aligned with Zero Trust architecture.

  • Deploy and manage Cisco ISE, TrustSec, SGTs, and SGACLs across enterprise environments.

  • Implement SGT-based Policy-Based Routing (PBR) for traffic steering and role-based path selection.

  • Configure and manage Identity-Based Networking (802.1X, profiling, posturing).

  • Handle inline tagging and SGT propagation across multi-tier LAN environments.

  • Perform advanced L3 routing (OSPF, BGP) and L2 switching (STP, VTP, StackWise) configurations.

  • Integrate legacy systems using SXP for TrustSec policy extension.

  • Act as Tier-3 escalation support for complex authentication, authorization, and segmentation issues.

  • Ensure alignment of network access policies with security compliance and audit requirements.

  • Develop and maintain SOPs, documentation, and work instructions., * Collaborate with cross-functional teams to ensure secure and efficient network operations.

What We Bring to the Table:

  • Opportunity to work on enterprise-scale network security transformation projects.

  • Exposure to advanced Cisco security technologies and Zero Trust architecture.

  • A collaborative environment with high-impact security initiatives.

  • Opportunities to enhance expertise in network segmentation and identity-based security.

  • A professional environment focused on innovation, ownership, and delivery excellence.

Requirements

  • Strong hands-on experience with Cisco ISE and TrustSec deployments.

  • Certification: CCNP Enterprise or higher.

  • Expertise in SGT-based segmentation, SGACLs, and policy enforcement.

  • Deep understanding of Identity-Based Networking (802.1X, profiling, posturing).

  • Strong experience in L3 routing (OSPF, BGP) and L2 switching technologies.

  • Experience with SGT propagation and inline tagging in enterprise LANs.

  • Knowledge of network security architecture and Zero Trust principles.

  • Strong troubleshooting skills in authentication and network segmentation issues.

You Should Possess the Ability to:

  • Design scalable and secure network segmentation architectures.

  • Manage and troubleshoot complex enterprise network environments.

  • Implement Zero Trust security models effectively.

  • Optimize network performance through advanced traffic engineering techniques.

  • Work in high-pressure environments handling critical escalations.

  • Create structured and clear technical documentation.

Apply for this position