TACAC Migration Engineer - (Remote)

Position: TACACS to ISE Migration Engineer

Length: 6-9 Month Contract with Potential to extend and/or convert

Location: 100% REMOTE!!! headquarters is out of Fort Lauderdale, FL

Job Summary:

We are seeking a highly skilled contractor with strong experience in AAA frameworks to lead the migration of our legacy TACACS 5.8 environment to Cisco Identity Services Engine (ISE). This project includes designing, implementing, testing, and documenting the new Cisco ISE-based AAA and RADIUS authentication platform used across our infrastructure for network device access control and user authentication.

Must Haves:

1. Migration experience from TACACS 5.8 to Cisco ICE

2. Strong cisco networking background working with AAA as a methodology and RADIUS services

3. Light network security and systems that can understanding LDAP and AD

Nice to Haves:

1. Light scripting preferably Python or Ansible.

Key Responsibilities:

• Assess and document the current TACACS+ 5.8 configuration and usage across all network infrastructure.
• Design and implement a secure and scalable Cisco ISE architecture to support centralized AAA and RADIUS services.
• Configure Cisco ISE policies, device profiles, network device groups, identity stores, and policy sets to replicate or improve upon existing TACACS functionality.
• Integrate Cisco ISE with directory services (e.g., Active Directory or LDAP).
• Ensure high availability and redundancy are built into the Cisco ISE deployment.
• Collaborate with Network Engineering and Security teams to validate authentication workflows and policy enforcement.
• Develop migration strategy and coordinate phased cutover from TACACS to Cisco ISE with minimal disruption.
• Create comprehensive documentation of ISE configuration, device onboarding procedures, and operational guides.
• Provide knowledge transfer and training to internal teams on managing Cisco ISE.

Required Skills and Experience:

• Proven experience with AAA services, TACACS+, and RADIUS authentication systems.
• Deep hands-on experience with Cisco ISE (2.x/3.x), including architecture design and policy configuration.
• Strong understanding of network access control, 802.1X, device profiling, and role-based access control (RBAC).
• Experience migrating legacy TACACS+ environments to Cisco ISE.
• Familiarity with integrating ISE with directory services like Active Directory and LDAP.
• Strong understanding of Cisco switches, routers, firewalls, and wireless infrastructure from an AAA perspective.
• Proficient in troubleshooting authentication issues and analyzing logs from Cisco ISE.
• Excellent communication and documentation skills.

Preferred Qualifications:

• Cisco Certified Network Professional (CCNP), Cisco Certified Specialist Security or ISE certifications.
• Experience with scripting or automation for network configurations (Python, Ansible).
• Familiarity with posture assessment, guest access, or BYOD policies in ISE.
• Prior experience in service provider or large enterprise environments.

Required Skills : Must Haves: 1. Migration experience from TACACS 5.8 to Cisco ICE 2. Strong cisco networking background working with AAA as a methodology and RADIUS services 3. Light network security and systems that can understanding LDAP and AD