ISE Engineer Job Listing at SAIC in Colorado Springs, CO (Job ID 2610016)

Description

Description

SAIC is seeking a Cisco Identity Services Engine (ISE) Engineer to join our Comply to Connect (C2C) team in support of the North American Aerospace Defense Command/United States Northern Command (N&NC) Information Technology (IT) Enterprise Services (NITES) contract, with primary work onsite in Colorado Springs.  This role requires hands-on experience with Cisco ISE, network authentication protocols, security policy enforcement, and compliance with DoD cybersecurity frameworks.  The ideal candidate will collaborate with a team of IT professionals to maintain, troubleshoot, and optimize Cisco ISE infrastructure while ensuring compliance with security standards such as DISA STIGs, NIST 800-53, and IAVM policies.

 

Key Responsibilities

• Assist in configuring, maintaining, and optimizing Cisco ISE for authentication, authorization, and accounting (AAA).
• Support 802.1X, MAB (MAC Authentication Bypass), posture assessment, and profiling for endpoint security.
• Troubleshoot authentication failures, endpoint misclassifications, and network access issues.
• Administer and maintain ISE Policy Service Nodes (PSNs), Monitoring and Troubleshooting Nodes (MnTs), and PAN (Primary Admin Node).
• Configure and troubleshoot Cisco ISE Guest Access, BYOD policies, and device profiling.
• Perform routine ISE system updates, patches, and health checks to ensure system stability.
• Monitor and analyze RADIUS, TACACS+, LDAP, and Active Directory authentication logs for security compliance and performance issues.
• Ensure Network Access Control (NAC) enforcement aligns with DoD Comply to Connect (C2C) policies and DISA STIGs.
• Support device posture validation, TrustSec, dynamic ACL (dACL) provisioning, VLAN assignments, and security group tagging (SGT).
• Work alongside network and security teams to enforce Zero Trust security models and least privilege access principles.
• Assist in implementing certificate-based authentication (TLS/SSL, OpenSSL operations, and PKI infrastructure).

Qualifications

Required Qualifications

• Active Top Secret security clearance.
• Certification required per DoDD 8140.03, Intermediate Level (Security+ or equivalent)
• BS or equivalent work experience in the Information Assurance / Cybersecurity field
• 9+ years of overall IT security experience
• Exceptional analytical, problem-solving, and communication skills, with the ability to articulate complex technical concepts to both technical and non-technical stakeholders.
• Knowledge of certificate-based authentication (PKI, TLS/SSL, OpenSSL, and certificate management).
• Experience working within DoD cybersecurity compliance frameworks (DISA STIGs, NIST 800-53, IAVMs).
• 3+ years of hands-on experience in Cisco ISE administration, NAC policy management, and network authentication security.
• Experience with 802.1X, MAB, RADIUS, TACACS+, and LDAP integration.

 

Preferred Qualifications

• 5+ years of experience in network security and NAC.
• Strong understanding of Cisco ISE architecture, profiling policies, posture assessment, and endpoint classification.
• Hands-on experience troubleshooting authentication failures, network access issues, and ISE system health.
• Basic scripting knowledge (Python, Bash, or REST APIs) for automation and troubleshooting is a plus.

Preferred Certifications

• Cisco Certified Specialist – ISE
• Cisco Certified Network Associate (CCNA) – Security or Enterprise
• Cisco Certified Network Professional (CCNP) – Security or Enterprise

Target salary range: $160,001 - $200,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.

 Apply on company website