Job Title: Cisco ISE NAC Engineer
Location: remote
Pay rate: open to both W2 and established 1099''s
Position type: multiyear contract
We are currently seeking a Cisco ISE NAC Engineer. This is a long term, remote contracting position. Candidates must live in the United States and be able to pass both a criminal and credit background check. We are able to work with W2 and established 1099’s (no c2c).
This role is for a Cisco Identity Services Engine (ISE) Network Access Control (NAC) Engineer with 5–10 years of overall IT/network security experience and 3–5 years of hands-on Cisco ISE experience. The engineer will be responsible for implementing, administering, troubleshooting, and optimizing Cisco ISE to provide secure network access across enterprise environments. Daily responsibilities include supporting authentication and authorization policies, integrating ISE with identity services, resolving Tier 2/3 incidents, maintaining documentation, participating in change management and on-call support, and ensuring secure access for wired, wireless, guest, and BYOD devices. The ideal candidate has strong enterprise networking and authentication experience, understands identity-based access control, and can work independently in a structured environment with strict change management processes.
This role requires someone with:
- 5–10 years of enterprise networking/security experience.
- 3–5 years administering Cisco ISE.
- Strong knowledge of 802.1X, MAB, RADIUS, TACACS+, PKI, and Active Directory integration.
- Experience supporting enterprise NAC environments in production.
- Solid troubleshooting skills with Tier 2/3 support, change management, and documentation.
- Experience supporting guest access, BYOD, endpoint profiling, and posture assessment in large enterprise environments.
Job Description:3–5 years of hands-on experience with Cisco ISE (2.x / 3.x)- Experience implementing and supporting NAC solutions using Cisco ISE
- Strong understanding of:
- Policy Sets (Authentication & Authorization)
- Conditions, Profiles, and Rules logic
- Endpoint Profiling and Posturing
- 802.1X (wired and wireless)
- MAB (MAC Authentication Bypass)
- Guest/BYOD onboarding workflows
- Experience Authentication & Identity Integration
- Active Directory / LDAP / Azure AD
- PKI and EAP methods (PEAP, EAP-TLS, EAP-FAST)
- RADITACACS+
- Provide Tier 2/3 support for NAC-related issues
- Participate in on-call rotations
- Experience with change management processes, incident response, and root cause analysis.
- Maintain Network authentication runbooks, Standard operating procedures (SOPs) and Architecture diagrams
- Experience working in enterprise environments with strict change control
- Ability to manage multiple priorities and projects
System One, and its subsidiaries including Joulé and Mountain Ltd., are leaders in delivering outsourced services and workforce solutions across North America. We help clients get work done more efficiently and economically, without compromising quality. System One not only serves as a valued partner for our clients, but we offer eligible employees health and welfare benefits coverage options including medical, dental, vision, spending accounts, life insurance, voluntary plans, as well as participation in a 401(k) plan.
System One is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, age, national origin, disability, family care or medical leave status, genetic information, veteran status, marital status, or any other characteristic protected by applicable federal, state, or local law.
#M-
#LI-
Ref: #851-Rockville-S1