Cisco ISE Engineer

Leidos
Stuttgart, Germany
5 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Intermediate
Compensation
€ 157K

Job location

Stuttgart, Germany

Tech stack

Microsoft Access
IEEE 802.1X
Access Control List
Access Network
Microsoft Active Directory
User Authentication
Catalyst
Profiling
Computer Security
Identity and Access Management
Networking Hardware
Virtual Private Networks (VPN)
Python
Lightweight Directory Access Protocols (LDAP)
Network Segmentation
Node.js
Public Key Infrastructure
Role-Based Access Control
Zero Trust Network Access
Security Information and Event Management
Systems Integration
Terminal Access Controller Access-Control System (TACACS)
Scripting (Bash/Python/Go/Ruby)
Identity Services Engine
Network Access Control
REST
PSN
Cisco networks

Job description

We are seeking an expert-level Cisco ISE Subject Matter Expert to support the U.S. Africa Command (AFRICOM) mission. This role serves as the primary technical authority for a large-scale, distributed Cisco ISE deployment. The focus is on securing the DoD enterprise network through advanced Identity and Access Management, Zero Trust architecture, and endpoint compliance. The successful candidate will ensure secure, policy-driven access across a highly classified, globally dispersed infrastructure, serving as the cornerstone for the command's Zero Trust transformation.

  • Zero Trust Architecture (ZTA) Execution: Architect and deploy Zero Trust Network Access (ZTNA) principles using Cisco ISE to strictly enforce least-privilege access across the enterprise network.
  • Continuous Trust Verification: Develop and maintain dynamic, context-aware access policies that continuously evaluate user identity, device posture, location, and telemetry before granting or maintaining network access.
  • Micro-Segmentation for ZTA: Engineer and maintain Cisco TrustSec, Security Group Tags (SGTs), and Security Group Access Control Lists (SGACLs) to contain lateral movement and enforce granular network segmentation.
  • DoD ZT Alignment: Ensure all ISE integrations directly support the "Identity" and "Device" pillars of the DoD Zero Trust Reference Architecture.
  • ISE Architecture: Design, deploy, and manage multi-node, distributed Cisco ISE deployments including Policy Administration (PAN), Monitoring (MnT), Policy Service (PSN), and pxGrid nodes.
  • Network Access Control: Implement and troubleshoot 802.1X, MAC Authentication Bypass (MAB), and WebAuth across enterprise wired, wireless, and VPN infrastructures.
  • Device Administration: Manage TACACS+ for centralized network device administration and strict role-based access control (RBAC).
  • Endpoint Profiling & Posture: Configure advanced endpoint profiling and deep posture assessments to ensure only compliant DoD devices can connect to mission-critical enclaves.
  • Integrations: Integrate ISE with external identity stores (Active Directory, LDAP), Public Key Infrastructure (PKI), Mobile Device Management (MDM), and SIEM platforms.
  • Mission Support: Perform complex packet-level troubleshooting (RADIUS, EAP-TLS, EAP-TEAP) to resolve authentication failures and ensure continuous AFRICOM mission readiness.

Requirements

To satisfy the Technical Expert criteria, candidates must meet one of the following education/experience paths:

  • Bachelor's Degree in a technical discipline plus 3+ years of relevant technical experience.
  • Associate's Degree in a technical discipline plus 7+ years of relevant technical experience.
  • A minimum of 11+ years of specialized, relevant technical experience in lieu of a degree.

Additional Core Requirements:

  • Clearance: Must possess an active Top Secret security clearance.
  • Compliance: Must meet DoD 8570/8140 IAT Level II baseline certification (e.g., Security+ CE).
  • Specialized Expertise: Minimum of 5 years of hands-on engineering experience dedicated to Cisco ISE, NAC, and AAA protocols.
  • Protocol Mastery: Deep understanding of RADIUS, TACACS+, EAP protocols (specifically EAP-TLS and TEAP), and PKI certificate lifecycles.
  • Specific Cisco Certifications such as CCNP Security (specifically the SISE 300-715 exam) or CCIE Security.
  • Familiarity with the DoD Zero Trust Strategy and related architecture pillars.
  • Experience with Cisco DNA Center (Catalyst Center) and Software-Defined Access (SDA) integrations.
  • Scripting experience using Python or REST APIs for automating ISE policy deployments and endpoint management.

If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo - because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 - and moving faster than anyone else dares.

Benefits & conditions

Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available at www.leidos.com/careers/pay-benefits.

About the company

Leidos is an industry and technology leader serving government and commercial customers with smarter, more efficient digital and mission innovations. Headquartered in Reston, Virginia, with 47,000 global employees, Leidos reported annual revenues of approximately $16.7 billion for the fiscal year ended January 3, 2025. For more information, visit www.Leidos.com.
