BRMi

Cisco Identity Services Engine (ISE) Engineer

Job Locations US-VA | US-MD | US-FL | US-TX | US-DC
Posted Date 2 days ago(7/7/2026 1:23 PM)
ID
2026-4320
# of Openings
1
Category
Application Development

Overview

In an effort to prevent employment fraud, must complete one on site interview before an offer is made regardless of location.

 

BRMi is seeking a Cisco Identity Services Engine (ISE) Engineer to support the design, implementation, administration, and optimization of our enterprise Network Access Control (NAC) environment. This role will be responsible for managing secure network authentication services, troubleshooting complex access issues, and ensuring reliable identity-based access across wired and wireless enterprise networks.

 

The ideal candidate has hands-on experience with Cisco ISE, strong knowledge of authentication protocols and identity integrations, and thrives in a highly regulated enterprise environment with formal change management processes.

 

Benefits:
• Comprehensive Medical, Dental, and Vision Insurance
• Employer-Paid Life Insurance
• Employer-Paid Short-Term and Long-Term Disability Insurance
• 401(k) 
• Paid Time Off (PTO) that includes Vacation Leave, Sick Leave, and 11 Paid Holidays
• Educational Assistance

 

Salary: $110K-$132K

 

**Can be 100% remote in TX, VA, MD, DC, WV or FL**

 

Click here to learn about BRMi's culture.

 

Click here to see BRMi’s Glassdoor reviews

Responsibilities

  • Administer, configure, and support Cisco Identity Services Engine (ISE) 2.x and 3.x environments.
  • Design, implement, and maintain Network Access Control (NAC) solutions using Cisco ISE.
  • Configure and maintain authentication and authorization Policy Sets, Conditions, Profiles, and Rules.
  • Support wired and wireless 802.1X authentication deployments.
  • Configure and troubleshoot MAC Authentication Bypass (MAB) for non-802.1X capable devices.
  • Implement and maintain endpoint profiling and posture assessment policies.
  • Support Guest and Bring Your Own Device (BYOD) onboarding solutions.
  • Integrate Cisco ISE with enterprise identity providers including Active Directory, LDAP, and Azure Active Directory.
  • Configure and support authentication protocols including RADIUS, TACACS+, PEAP, EAP-TLS, and EAP-FAST.
  • Perform troubleshooting and root cause analysis for network authentication and access-related issues.
  • Provide Tier 2 and Tier 3 operational support for Cisco ISE and NAC-related incidents.
  • Participate in scheduled on-call support rotations as required.
  • Create and maintain runbooks, standard operating procedures (SOPs), technical documentation, and architecture diagrams.
  • Collaborate with network, infrastructure, security, and identity management teams to implement secure access solutions.
  • Participate in system upgrades, maintenance activities, and infrastructure improvement initiatives.
  • Ensure all work is performed in accordance with established change management and enterprise operational procedures.
  • Manage multiple operational priorities while supporting concurrent projects and initiatives.
  • Perform other duties as assigned

Qualifications

  • Bachelor's degree in Information Technology, Computer Science, Cybersecurity, or a related discipline, or equivalent combination of education and professional experience.
  • 3–5 years of hands-on experience administering Cisco Identity Services Engine (ISE) version 2.x and/or 3.x.
  • Experience implementing and supporting Network Access Control (NAC) solutions using Cisco ISE.
  • Strong understanding of:
    • Authentication and Authorization Policy Sets
    • Policy Conditions, Profiles, and Rules
    • Endpoint Profiling
    • Posture Assessment
    • 802.1X authentication (wired and wireless)
    • MAC Authentication Bypass (MAB)
    • Guest Access and BYOD onboarding
  • Experience integrating Cisco ISE with:
    • Microsoft Active Directory
    • LDAP
    • Azure Active Directory
  • Knowledge of Public Key Infrastructure (PKI) and certificate-based authentication.
  • Experience with EAP authentication methods including PEAP, EAP-TLS, and EAP-FAST.
  • Strong understanding of RADIUS and TACACS+ authentication services.
  • Experience troubleshooting complex authentication and network access issues.
  • Experience working within enterprise environments utilizing formal incident, problem, and change management processes.
  • Strong documentation, analytical, and communication skills.
  • Ability to manage multiple priorities while maintaining high-quality customer support.

** BRMi will not sponsor applicants for work visas for this position.**

**This is a W2 opportunity only**

 

EOE/Minorities/Females/Vet/Disabled 

We are an equal opportunity employer that values diversity and commitment at all levels. All individuals, regardless of personal characteristics, are encouraged to apply. Employment policies and decisions on employment and promotion are based on merit, qualifications, performance, and business needs. The decisions and criteria governing the employment relationship with all employees are made in a nondiscriminatory manner, without regard to race, religion, color, national origin, sex, age, marital status, physical or mental disability, medical condition, veteran status, or any other factor determined to be unlawful by federal, state, or local statutes. 

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed