The Cisco ISE Engineer supports the SEC ISS contract by designing and operating Cisco Identity Services Engine (ISE) capabilities that control secure access across SEC enterprise networks. This role implements and maintains AAA services, integrates ISE with Microsoft Active Directory and Microsoft Entra ID, and enforces policy-based access for wired and wireless environments. The position advances the PWS zero-trust direction by strengthening identity-centric controls, reducing legacy authentication exposure, and supporting compliance with federal cybersecurity requirements. The engineer also supports incident resolution, operational monitoring, and SLA-driven service delivery for mission-critical SEC IT services.
Primary responsibilities
ISE Solution Architecture and Deployment
- Design, implement, and administer Cisco ISE solutions to enforce network access control across SEC-managed enterprise environments.
- Build and maintain ISE policy sets, authentication/authorization rules, and enforcement workflows for user and device onboarding.
- Plan and execute ISE platform upgrades, patching, and optimization activities to maintain performance, resiliency, and service continuity.
- Coordinate ISE architecture and implementation activities with network engineering teams supporting WAN, LAN, and WLAN services.
AAA and Identity Integration
- Configure and manage AAA services using RADIUS and TACACS+ for secure access to network infrastructure and services.
- Integrate Cisco ISE with Microsoft Active Directory and Microsoft Entra ID (Azure AD) to support centralized identity lifecycle and access governance.
- Implement 802.1X authentication methods and NAC controls for wired and wireless endpoint access.
- Align role-based access outcomes with enterprise identity and access management practices, including policy consistency and periodic access review support.
Zero-Trust and Security Compliance Enforcement
- Translate zero-trust requirements into ISE enforcement policies for identity, device trust, and session-based access decisions.
- Support implementation of SEC-directed control enforcement activities, including secure authentication methods and protection of data in transit.
- Maintain configuration documentation, SOP inputs, and control evidence to support FISMA-aligned audits and ongoing authorization requirements.
- Partner with cybersecurity and governance stakeholders to remediate access-control gaps and strengthen enterprise security posture.
Operations, Troubleshooting, and Service Delivery
- Troubleshoot complex authentication, authorization, and network access issues across Cisco switching, routing, and wireless infrastructure.
- Monitor ISE health, logs, and policy outcomes; proactively identify trends and implement corrective actions to reduce recurring incidents.
- Participate in incident response and escalation workflows, including cross-team coordination for high-priority operational events.
- Support SLA-focused reporting by capturing service data, documenting outcomes, and contributing to continuous service improvement.
Required qualifications
USA Citizenship required.
Clearance: Ability to obtain and maintain SEC Public Trust (or higher if required).
Education: Bachelors in a relevant field (e.g., Information Technology, Cybersecurity, Computer Science, Engineering).
Experience:
- 5-7 years of experience in network engineering and/or security roles in enterprise environments.
- 3+ years of hands-on experience implementing and managing Cisco ISE in production environments.
- Experience integrating identity and access controls with Microsoft Active Directory and Microsoft Entra (Azure AD).
Technical Skills:
- Cisco Identity Services Engine (ISE) design, deployment, policy management, and troubleshooting.
- Strong knowledge of network protocols, including AAA protocols such as RADIUS and TACACS+, and 802.1X/NAC controls.
- Wired and wireless network security best practices across Cisco network devices.
- Enterprise security frameworks and zero-trust access control principles.
- Incident analysis, root-cause troubleshooting, and operational documentation for SLA-driven support environments.
Preferred qualifications
- Experience supporting federal IT environments with FISMA/NIST-aligned security and compliance requirements.
- Experience implementing certificate-based authentication, MFA/FIDO-aligned controls, and device trust policies in ISE.
- Experience automating network security policy or reporting workflows using scripting or infrastructure automation tools.
- Demonstrated success in 24x7 operational support environments with major incident escalation and cross-team bridge participation.
- Cisco security certification(s) such as CCNP Security or Cisco Identity-focused specialist credentials.
- CCNP Security
- Cisco Certified Specialist - Security Identity Management Implementation (SISE)
- CISSP
WORK ENVIRONMENT / OTHER
Operational Support: May require participation in on-call or surge support activities depending on operational needs.
Location: Telework (subject to SEC/contract direction).
Travel: As required per contract direction.
If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo — because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 — and moving faster than anyone else dares.
May 28, 2026
For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.
Pay Range $73,450.00 - $132,775.00
The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
Leidos is a Fortune 500® innovation company rapidly addressing the world’s most vexing challenges in national security and health. The company's global workforce of 48,000 collaborates to create smarter technology solutions for customers in heavily regulated industries. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $15.4 billion for the fiscal year ended December 29, 2023.
Leidos was cited for the meaningful work employees perform that is challenging, impactful, and aligned with our customers’ missions as reasons professionals want to work and stay at our company. Leidos has also been named to lists including Forbes’ Best Employers for Diversity, Forbes’ America’s Best Employers for Women, Military Times Best for Vets Employers, and Ethisphere Institute’s World's Most Ethical Companies®.
Employees enjoy career enrichment opportunities available through mobility and development and experience rewarding relationships with supportive supervisors and talented colleagues and customers. Employees appreciate our flexible work environment, allowing for and encouraging a true work-life balance. Our professionals are also excited about our Employee Resource Groups, like the Collaborative Outreach with Remote and Embedded Employees (CORE), which strives to create an environment where every employee, regardless of location, feels fully engaged as a valued employee of Leidos.
Your most important work is ahead, visit careers.leidos.com for our latest opportunities.
