GDH · 6 hours ago
Network Engineer
Alexandria, VA
Full-time
Onsite
Senior Level, Lead/Staff
$62/hr - $69/hr
8+ years expGDH is seeking a Network Security Engineer to safeguard enterprise networks. The role involves designing, implementing, and maintaining a Zero Trust Architecture-driven network infrastructure with a focus on advanced Network Access Control solutions.
ConsultingEmploymentStaffing Agency
No H1B
Security Clearance RequiredU.S. Citizen Only
Responsibilities
Lead the design, deployment, and management of Cisco Identity Services Engine (ISE) to provide secure, scalable authentication and authorization services. Manage all aspects of the ISE environment, including Policy Service Nodes, Monitoring and Troubleshooting Nodes, and the Primary Admin Node
Implement and maintain comprehensive NAC solutions supporting 802.1X, MAC Authentication Bypass (MAB), endpoint posture assessment, and profiling to ensure endpoint security compliance
Configure and administer guest access, Bring Your Own Device (BYOD) policies, and device profiling within Cisco ISE, ensuring security best practices are followed
Conduct routine system updates, patches, and health checks on ISE deployment to maximize stability, including executing node upgrades and troubleshooting complex authentication issues
Analyze logs from RADIUS, TACACS+, LDAP, and Active Directory to troubleshoot and resolve authentication and network access issues effectively
Enforce strict NAC policies aligned with organizational security standards, supporting device posture validation, certificate-based authentication (TLS/SSL, PKI), and integration with security tools
Support traffic analysis using Wireshark, TCPDump, and network monitoring tools to diagnose network anomalies and authentication failures
Collaborate with network and security teams to design and implement Zero Trust security models and the principle of least privilege
Facilitate seamless integration of Cisco ISE with security infrastructure, including firewalls and next-generation firewall solutions
Provide expert support in multi-VRF environments, ensuring NAC enforcement across complex, segmented networks, and troubleshoot LAN/WAN connectivity and performance issues related to NAC
Qualification
Required
Bachelor's degree in Computer Science, Information Systems, or related field with at least 8 years (or equivalent experience)
Minimum of 5 years' dedicated experience in network security, with at least 3 years hands-on experience managing Cisco ISE and NAC policies
Active Secret clearance or higher
DoD 8570 IAT Level II certification (e.g., Security+ CE, CCNA Security, SSCP)
Deep expertise in Cisco ISE architecture, endpoint profiling, posture assessment, and classification
Proficiency with 802.1X, MAB, RADIUS, TACACS+, LDAP, and Active Directory integration
Hands-on experience with Cisco switch CLI for configuration and troubleshooting
Strong understanding of PKI, TLS/SSL, OpenSSL, and certificate-based authentication
Preferred
Familiarity with security appliances such as firewalls and NGFWs
Basic scripting skills in Python, Bash, or REST APIs for automation and troubleshooting
Proven experience working within cybersecurity frameworks and compliance standards
Company
GDH
GDH is consulting staffing firm that specializes in providing IT engineering-based candidates to commercial and government sectors.
501-1000 employees
Funding
Current Stage
Late StageLeadership Team
Blaine Caples
Chief Revenue Officer (CRO)
Recent News
Bangkok Post
2025-10-22
2025-04-09
Company data provided by crunchbase