Security Architect

Project Role : Security Architect
Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills : Cisco Identity Services Engine (ISE)
Good to have skills : NA
Minimum 3 year(s) of experience is required
Educational Qualification : 15 years full time education

Summary: We are looking for an experienced Network Security Engineer with deep expertise in Cisco Identity Services Engine (ISE) to design, implement, and manage network access control solutions. The ideal candidate will be responsible for ensuring secure and compliant access to corporate network resources across wired, wireless, and VPN environments. The candidate should also have hands-on experience in maintaining security infrastructure using Firewalls, VPN, Web Proxy etc. The ideal candidate will have a strong background in network security, and Cisco Identity Services Engine (ISE). Roles & Responsibilities: - Design, deploy, configure, and maintain Cisco ISE for wired, wireless, and VPN access control. - Develop and implement 802.1X authentication, MAC Authentication Bypass (MAB), and posture assessment policies. - Integrate ISE with Active Directory, Certificate Authorities, Radius/TACACS+, and endpoint profiling solutions. - Maintain and optimize Policy Sets, Authorization/Authentication rules, and device administration policies. - Configure and troubleshoot NADs (Network Access Devices) for integration with ISE (e.g., Cisco switches, wireless controllers, firewalls). - Monitor and analyze logs and reports for compliance, threat detection, and performance tuning. - Lead troubleshooting efforts related to network access issues and authentication failures. - Collaborate with infrastructure, security, and helpdesk teams to support end-user access and remediation. - Document configuration, change control, and operational procedures for Cisco ISE and access control policies. - Stay updated on best practices, vulnerabilities, and Cisco ISE version updates. Professional & Technical Skills: - 3–5 years of experience in deploying and managing Cisco ISE in enterprise environments. - Strong understanding of network access control (NAC) concepts, 802.1X, RADIUS, and EAP protocols. - Experience integrating ISE with Cisco switches, wireless controllers, firewalls, and VPN solutions. - Proficiency in troubleshooting authentication issues and analyzing logs via ISE and network devices. - Familiarity with endpoint profiling, posture validation, and BYOD policies. - Working knowledge of Cisco Catalyst, Wireless LAN Controllers, and Cisco AnyConnect. - Strong documentation and communication skills. -Must have skills: Cisco Identity Services Engine (ISE), Firewalls -Good to have skills: Palo Alto Firewalls, Prisma SASE Minimum 4 year(s) of experience is required Additional Information: - The candidate should have a minimum of 4 years of experience in Cisco ISE. - A 15 years full time education is required.