Position: Senior Security Consulting Engineer
7+ years of experience are required.
As a Senior Security Consulting Engineer, you will serve as the technical expert for critical security infrastructure projects. This role combines high-level security consulting with deep-dive technical expertise. You will be responsible for leading the deployment of Cisco Identity Services Engine (ISE) solutions, with a specific focus on MAC Authentication Bypass (MAB) integration, while also leveraging your expertise in firewall technologies and DevOps practices to deliver secure, scalable network solutions. You will work closely with high-profile global clients to align security policies with business goals.
Key Responsibilities
Security Consulting & Advisory
• Leads customer delivery engagements and/or provides escalation support for large scale solutions and complex issues through deep technical expertise.
• Strategic Engagement: Build trusted advisor relationships with clients, identifying future engagement opportunities and assisting in the development of proposals and statements of work.
• Full Lifecycle Delivery: Provide end-to-end services, including advisory, integration, and managed services. Lead project workshops and training sessions to ensure customers realize the full value of Cisco Security solutions.
• Cross-Functional Collaboration: Work within the Cisco Customer Experience (CX) organization, collaborating with Security Architects, Solutions Development, and Account Teams to solve critical customer challenges.
ISE Project Leadership & MAB Deployment
• Planning & Design: Lead the planning phase for MAB deployments, defining scope, identifying non-802.1X endpoint types, and developing High-Level Designs (HLD).
• Policy & Integration: Define complex authentication and authorization policies (including fallback behaviors and SGTs). Integrate ISE with external applications via OpenAPI and ensure compatibility with newer ISE versions (3.2p6+).
• Documentation: Maintain and update Solution Design Documents (SDD) in alignment with client-specific Project Delivery Life Cycle (PDLC) requirements.
• Testing & Validation: Oversee testing scenarios in QA environments to validate MAB functionality, endpoint profiling, and policy enforcement.
Technical Engineering & DevOps
• Automation: Utilize DevOps methodologies and Java programming to support and enhance new solutions, including the Cisco Mesh Policy Engine.
• Infrastructure Support: Provide deep technical expertise in routing, switching, and Software Defined Access/WAN to ensure seamless integration of security solutions.
Required Skills & Qualifications
• ISE Expertise: Minimum of 7 years of experience as a Subject Matter Expert in Cisco ISE (Version 3+), including hardware/virtual platforms.
• Strong technical expertise in Cisco Secure Firewall / ASA security technologies, including building and maintaining enterprise deployments.
• DevOps & Automation: Proven experience with automation frameworks, Cisco APIs, and Java programming. A willingness to learn and support custom-developed solutions.
• Networking Fundamentals: Deep understanding of TCP/IP, routing, switching, and infrastructure applications.
• Consulting Mindset: Ability to communicate effectively with both technical staff and executive stakeholders. Strong skills in presenting alternative designs and influencing outcomes.
• Education & Certification:
o University degree in Computer Science or related field preferred
o Required: CCNA and CCNP Security.
o CCIE Security, CISSP, ITIL, COBIT5, TOGAF, or equivalent certifications and/or experience preferred
Additional Requirements
Client Onboarding: Successful candidate MUST be able to meet ALL requirements below for onboarding into client environments to access testing and production infrastructure.
1) Disclosure of all trading accounts held by you, your spouse, and any household members is required. Savings accounts do not need to be reported.
2) Customer will review and approve these accounts. If an account is not approved, it must be transferred to a Customer account.
3) There are restrictions on executing equity stock trades; all trades require prior review and approval by Customer Compliance, which can take up to seven days.
4) After executing a trade, the stock must be held for a minimum of 30 days.
5) If Customer approves the account, you will need to provide account statements every 30 days or quarterly, depending on your statement frequency, for all household members.
6) No approvals are required for buying or selling ETFs.
7) Any investments such as purchasing property or businesses must be disclosed.
Never miss an opportunity! Create an alert based on the job you applied for.
