Cisco ISE Sr. Team Lead

Job#: 3032361

Job Description:

Cisco Identity Services Engineer (ISE) Team Lead - RDTE

Apex Systems is seeking a Cisco Identity Services Engineer (ISE) to support the design, engineering, operations, and maintenance of Cisco ISE environments across classified and unclassified Research, Development, Test, and Evaluation (RDTE) networks in Dahlgren, VA.

This is a senior-level role focused on network access control, endpoint security, and identity-based policy enforcement in complex enterprise environments.

Role Overview

As a Cisco ISE Engineer, you will serve as a subject matter expert responsible for implementing and managing identity and access control solutions across wired, wireless, and VPN infrastructures. You will work closely with customers and infrastructure teams to ensure secure, compliant, and high-performing network operations.

Responsibilities

• Configure, implement, and troubleshoot Cisco Identity Services Engine (ISE).
• Design, build, and analyze ISE policies and rules in compliance with client security requirements.
• Profile and manage unseen network devices, including:
  • Downloadable Access Control Lists (DACLs)
  • VLAN assignment
  • Endpoint profiling
• Implement and support 802.1X authentication using:
  • Cisco AnyConnect
  • Network Access Manager (NAM)
  • EAP-MSCHAPv2 and EAP-TLS
• Integrate ISE with wired networks, wireless infrastructure, and VPN solutions, including posture assessment and client provisioning.
• Configure and administer TACACS+ for network device authentication and authorization.
• Manage firewall and network security systems by enforcing approved security policies.
• Analyze network security requirements and implement perimeter security enhancements.
• Monitor network performance and conduct system tuning as needed.
• Install, maintain, and patch ISE software and hardware.
• Perform system backups and restorations.
• Review system logs daily and report anomalous or suspicious activity.
• Assist with certification and accreditation (C&A) activities.
• Develop and maintain technical documentation and Standard Operating Procedures (SOPs).
• Collaborate with cross-functional IT teams on projects and initiatives.
• Provide input for monthly status and progress reports.
• Serve as a technical liaison and subject matter expert for customers and internal teams.

Required Qualifications

• 6-10 years of experience in networking, IT, or related technical fields.
• Strong hands-on experience with Cisco ISE administration and operations.
• Demonstrated expertise in:
  • Endpoint authentication, authorization, and accounting
  • Network access control (NAC)
  • Device hardening and patching
• Experience with:
  • Cisco AnyConnect and related supplicants
  • PKI and 802.1X EAP-TLS troubleshooting
  • MAC Authentication Bypass (MAB)
• Working knowledge of Cisco routing and switching infrastructure.
• Proven ability to troubleshoot complex network issues and improve system reliability.
• Strong documentation, analytical, and problem-solving skills.
• Ability to work independently or as part of a structured project team.
• DoD 8570 IAT Level III certification required.
• Active Top Secret (TS) clearance required - no interim.
• U.S. Citizenship required.

Preferred / Desired Skills

• Cisco certifications such as CCNP (SISE) (or ability to obtain within 1 year).
• Experience with:
  • Cisco ACS (role-based TACACS+)
  • PxGrid, ThreatGrid, and Security Group Tags (SGTs)
  • Cisco Firepower integration
  • Cisco Prime, ASA, MDM solutions
  • DNS/DHCP and network load balancing
  • Wireless technologies (802.11 a/b/g/n)
• Active Directory integration and identity services (OUs, trusts, DNS, identity resolution).

Physical Requirements

• Ability to lift up to 10-20 pounds.
• Ability to stand or walk for extended periods.
• Ability to bend, twist, and squat as needed.

Position Details

• Salary Range: $120,000 - $140,000
• Clearance: Full Top Secret (TS), no interim
• Certifications: IAT Level III required; CCNP (SISE) preferred (1 year to obtain if not held)
• Resume Review: Required with COR (Senior-level role)
• Onsite Requirement:
  • 3 days onsite in Dahlgren, VA
  • 2 days remote

Everforth Apex is a world-class IT services company that serves thousands of clients across the globe. When you join Everforth Apex, you become part of a team that values innovation, collaboration, and continuous learning. We offer quality career resources, training, certifications, development opportunities, and a comprehensive benefits package. Our commitment to excellence is reflected in many awards, including ClearlyRated's Best of Staffing in Talent Satisfaction in the United States and Great Place to Work in the United Kingdom and Mexico. Everforth Apex uses a virtual recruiter as part of the application process. Click for more details.

Everforth Apex Benefits Overview: Everforth Apex offers a range of supplemental benefits, including medical, dental, vision, life, disability, and other insurance plans that offer an optional layer of financial protection. We offer an ESPP (employee stock purchase program) and a 401K program which allows you to contribute typically within 30 days of starting, with a company match after 12 months of tenure. Everforth Apex also offers a HSA (Health Savings Account on the HDHP plan), a SupportLinc Employee Assistance Program (EAP) with up to 8 free counseling sessions, a corporate discount savings program and other discounts. In terms of professional development, Everforth Apex hosts an on-demand training program, provides access to certification prep and a library of technical and leadership courses/books/seminars once you have 6+ months of tenure, and certification discounts and other perks to associations that include CompTIA and IIBA. Everforth Apex has a dedicated customer service team for our Consultants that can address questions around benefits and other resources, as well as a certified Career Coach. You can access a full list of our benefits, programs, support teams and resources within our 'Welcome Packet' as well, which an Everforth Apex team member can provide.