Compunnel
We are seeking a highly skilled engineer to lead the migration of a legacy TACACS+ 5.8 environment to a Cisco Identity Services Engine (ISE)-based platform.
This contract role requires deep expertise in AAA methodologies, RADIUS services, and Cisco network infrastructure.
The engineer will be responsible for end-to-end migration including design, implementation, testing, documentation, and knowledge transfer.
Key Responsibilities
Assess and document the current TACACS+ 5.8 configuration and usage across network infrastructure.
Design and implement a secure, scalable Cisco ISE architecture supporting centralized AAA and RADIUS authentication.
Configure Cisco ISE policies, identity stores, device profiles, policy sets, and network device groups.
Integrate Cisco ISE with directory services such as Active Directory and LDAP.
Ensure high availability and redundancy in the ISE deployment.
Collaborate with network and security teams to validate authentication workflows.
Develop and execute a phased migration strategy with minimal service disruption.
Create comprehensive documentation of ISE configurations, operational procedures, and onboarding guidelines.
Provide training and knowledge transfer to internal teams.
Required Qualifications
Proven experience with AAA services, TACACS+, and RADIUS authentication. Hands-on experience with Cisco ISE (version 2.x/3.x), including architecture design and policy creation. Strong understanding of 802.1X, device profiling, network access control, and role-based access control (RBAC). Experience migrating legacy TACACS+ environments to Cisco ISE. Familiarity with integrating ISE with Active Directory and LDAP. Solid understanding of Cisco infrastructure (switches, routers, firewalls, wireless) from an AAA perspective. Proficient in troubleshooting and log analysis related to authentication issues in Cisco ISE. Excellent communication and documentation skills. Preferred Qualifications
Cisco Certified Network Professional (CCNP), Cisco Certified Specialist Security or ISE-related certifications. Experience with scripting or network automation using Python or Ansible. Familiarity with ISE features such as posture assessment, guest access, and BYOD policy management. Previous experience working in service provider or large-scale enterprise environments.
#J-18808-Ljbffr
Proven experience with AAA services, TACACS+, and RADIUS authentication. Hands-on experience with Cisco ISE (version 2.x/3.x), including architecture design and policy creation. Strong understanding of 802.1X, device profiling, network access control, and role-based access control (RBAC). Experience migrating legacy TACACS+ environments to Cisco ISE. Familiarity with integrating ISE with Active Directory and LDAP. Solid understanding of Cisco infrastructure (switches, routers, firewalls, wireless) from an AAA perspective. Proficient in troubleshooting and log analysis related to authentication issues in Cisco ISE. Excellent communication and documentation skills. Preferred Qualifications
Cisco Certified Network Professional (CCNP), Cisco Certified Specialist Security or ISE-related certifications. Experience with scripting or network automation using Python or Ansible. Familiarity with ISE features such as posture assessment, guest access, and BYOD policy management. Previous experience working in service provider or large-scale enterprise environments.
#J-18808-Ljbffr