TACACS )Terminal Access Controller Access Control System) SME- Remote

Position Overview:

Position Summary
The TACACS Consultant is a senior-level specialist responsible for assessing, designing, and optimizing enterprise TACACS and access control infrastructures. This role will perform a comprehensive audit of existing environments, develop current-state and future-state designs, and guide the organization toward a secure, scalable, and best-practice-aligned TACACS implementation. The consultant will act as a subject matter expert (SME), supporting both strategic architecture and ongoing operational stability.

Key Responsibilities

Assessment & Audit
Conduct a comprehensive audit of the enterprise TACACS infrastructure, including appliances, virtual machines, firmware, and supporting systems.
Develop a detailed inventory of all systems, platforms, and dependencies supporting TACACS.
Analyze device lists, rule usage, load balancers, and integrations to determine current capabilities and limitations.
Identify gaps in tagging, monitoring, logging, alerting, and overall visibility.

Architecture & Design
Create and deliver a formal Current-State (As-Is) TACACS Design documenting architecture, integrations, and operational flows.
Develop a Future-State (North Star) TACACS Design aligned with industry best practices, security standards, and scalability requirements.
Provide end-to-end TACACS architecture designs based on audit findings, including rule configuration and system placement.
Support the transition from current-state to future-state through phased design recommendations.

Implementation & Optimization
Lead or support TACACS configuration and rule design, including complex authorization logic.
Integrate TACACS with LDAP directories and external systems as required.
Assist with monitoring, syslog configuration, alerting, and capacity planning to ensure operational stability.

Operational Transition (BAU)
Support transition to Business-As-Usual (BAU) operations following implementation.
Assist with TACACS integration into evolving network environments, including VPN and frontier network ownership models.
Provide care-and-feeding support during stabilization periods.
Ensure documentation is complete, accurate, and aligned to operational handoff needs.

Documentation & Knowledge Transfer
Produce best-practice documentation covering configuration, architecture, and operational procedures.
Develop formal runbooks and reference materials to address identified gaps.
Train internal personnel to maintain and support the TACACS environment post-engagement.

Required Qualifications

Technical Expertise
5+ years of TACACS configuration and administration experience.
2+ years of RADIUS configuration experience.
Hands-on experience with Cisco ISE and TACACS-based access control platforms.
Strong background in network engineering, including routers and switches (5+ years).
Experience configuring and managing complex authorization rules.
Proven expertise working with device lists used in TACACS rule enforcement.
Strong LDAP integration experience.
Linux administration experience.
Experience working with APIs.

Preferred / Optional Skills
CyberArk integration with Cisco ISE.
Python scripting and automation experience.
Experience supporting TACACS environments running on appliances and/or virtualized platforms.
Ability to operate as a trusted SME in complex, niche access control environments.
Strong analytical skills with the ability to identify systemic risks and future capacity constraints.
Excellent documentation and communication skills, with experience presenting designs to technical and non-technical stakeholders.
Proven ability to collaborate across network, security, and infrastructure teams.

Engagement Characteristics
Initial engagement focused on assessment, design, and remediation planning.
Mid-phase engagement focused on implementation and optimization.
Final phase focused on stabilization, documentation, training, and BAU transition.