UIC Alaska

Welcome page

Cisco Identity Services Engineer

ID
2024-22013
Category
Information Technology
Location : Location
US-VA-Dahlgren
Minimum Clearance Required
Secret
Travel Requirement
N/A

Overview

CISCO IDENTITY SERVICES ENGINEER (RDTE)

 

Bowhead has an immediate opening for a Cisco ISE Administrator to provide Design and Engineering Operation and Maintenance support for ISE systems on the classified and unclassified Research, Development, Test and Evaluation (RDTE) networks at Dahlgren, VA. As an Cisco ISE Administrator, you will identify endpoints, and enable the creation and enforcement of security and access policies for endpoint devices connected to the company’s routers and switches, in order to simplify identity management across diverse devices and applications.

Responsibilities

  • Create policies for unseen network devices in a mixed environment, to include profiling devices, defining Downloadable Access Control Lists (DACL’s), and assigning Virtual Local Area Network (VLAN) to endpoints.
  • Implement 802.1x solutions to all “supplicant-enabled” devices via AnyConnect software and Network Access Manager (NAM) profiles using EAP-MSCHAPv2/TLS encryption methods.
  • Integrate with wired data, wireless infrastructure, and Virtual Private Network (VPN), as well as posture and client provisioning.
  • Configure and implement TACACS+ policies for network device administration.
  • Manage firewall and network security systems by establishing and enforcing approved policies
  • Analyze network security requirements and implement perimeter security changes
  • Serve as a subject matter expert in coordinating and troubleshooting with customers, other infrastructure support activities and business units
  • Develop network documentation of security infrastructure
  • Monitor network performance and implement performance tuning as necessary
  • Responsible for installing software, applying patches, managing file systems, and monitoring performance of ISE systems
  • Performs data backups and restoration of managed systems
  • Assist in the certification and accreditation process for managed systems and networks
  • Install and deploy of new ISE hardware and software
  • Review daily logs for managed systems and report on unusual activity
  • Participate in the development and maintenance of Standard Operating Procedures (SOPs) associated with managed systems and applications
  • Collaborate with IT staff on projects and initiatives
  • Provide input for a monthly progress and status report

Qualifications

  • Five to eight (5-8) years of relevant experience 
  • Bachelors Degree degree prefered 
  • ISE certifications: CCNP Security (SISE) highly desirable
  • Solid experience configuring and troubleshooting routing and switched infrastructure (e.g. CCNA, CCNP) and security certifications highly desirable
  • Experience in network security including: Device Hardening and patching
  • Experience with Cisco Secure Client or related supplicants.
  • Experience with MAC Authentication Bypass (MAB) and 802.1X troubleshooting concepts.
  • Experience with Public Key Infrastructure (PKI) to assist, maintain and troubleshoot 802.1X EAP-TLS issues
  • Knowledge of Cisco Secure Client Modules – (VPN, Posture, DART)
  • Diagnose and resolve complex network problems and improve network performance and reliability

Additional Requirements:

  • Must currently hold a DoD 8570 Information Assurance Technical Level II certification
  • Position requires a strong understanding of ISE functions and operations (e.g. endpoint identification, authentication, authorization)
  • Ideal candidate will have experience with TCP/IP protocols and the OSI model and how they apply to production systems and networks
  • Intermediate to advanced level skills in Microsoft Office software suite - Word, Excel, Outlook, PowerPoint
  • Ability to communicate effectively with all levels of employees and outside contacts
  • Strong interpersonal skills and good judgment with the ability to work alone or as part of a team

Desired Skills:

  • Cisco Access Control System (ACS), specifically with “role-based” TACACS+ commands/profiles
  • PxGrid, ThreatGrid and Security Group Tags (SGT’s) for back-end communication between Cisco Firepower and ISE server
  • Cisco Catalyst Center, MDM, ASA, DNS/DHCP, Network Load-Balancing, and 802.11a/b/g/n Wireless technologies and industry best practices.
  • Active Directory knowledge(e.g. Organizational Unit(OU) identification, domain “trusts”, Domain Name System(DNS), identity resolution)
  • Splunk ‘syslog’ experience with “raw” log interpretation and report/dashboard creation.

Physical Demands:

  • Must be able to lift up to 10-20 pounds 
  • Must be able to stand and walk for prolonged amounts of time 
  • Must be able to twist, bend and squat periodically

SECURITY CLEARANCE REQUIREMENTS: Must currently hold a security clearance at the Secret level. US Citizenship is a requirement for this contract.

 

#LI-JR1

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed

Applicants may be subject to a pre-employment drug & alcohol screening and/or random drug screen, and must follow UIC’s Non-DOT Drug & Alcohol Testing Program requirements. If the position requires, an applicant must pass a pre-employment criminal background history check. All post-secondary education listed on the applicant’s resume/application may be subject to verification.

Where driving may be required or where a rental car must be obtained for business travel purposes, applicants must have a valid driver license for this position and will be subject to verification. In addition, the applicant must pass an in-house, online, driving course to be authorized to drive for company purposes.

UIC is an equal opportunity employer. We evaluate qualified applicants without regard to race, age, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, and other protected characteristics EOE/AA/M/F/D/V. In furtherance, pursuant to The Alaska Native Claims Settlement Act 43 U.S.C. Sec. 1601 et seq., and federal contractual requirements, UIC and its subsidiaries may legally grant certain preference in employment opportunities to UIC Shareholders and their Descendants, based on the provisions contained within The Alaska Native Claims Settlement Act. Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities. Please view Equal Employment Opportunity Posters provided by OFCCP here.

All candidates must apply online at www.uicalaska.com, and submit a completed application for all positions they wish to be considered. Once the employment application has been completed and submitted, any changes to the application after submission may not be reviewed. Please contact a UIC HR Recruiter if you have made a significant change to your application. In accordance with the Americans with Disabilities Act of 1990 (ADA), persons unable to complete an online application should contact UIC Human Resources for assistance (https://uicalaska.com/careers/recruitment/).

The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c)

UIC Government Services (UICGS / Bowhead) provides innovative business solutions to federal and commercial customers in the areas of engineering, maintenance services, information technology, program support, logistics/base support, and procurement. Collectively, the fast-growing Bowhead Family of Companies offers a breadth of services which are performed with a focus on quality results. Headquartered in Springfield, VA, we are a fast-growing, multi-million-dollar company recognized as a top Alaska Native Corporation providing services across the Department of Defense and many federal agencies. Bowhead offers competitive benefits including medical, dental, vision, life insurance, accidental death and dismemberment, short/long-term disability, and 401(k) retirement plans as well as a paid time off programs for eligible full-time employees. Eligible part-time employees are able to participate in the 401(k) retirement plans and state or contract required paid time off programs.

Join our Talent Community!

Join our Talent Community to receive updates on new opportunities and future events.