Security Architect Consultant

Project Scope:

For an upcoming project South Carolina Judicial Branch (SCJB) seeks an engineer with experience using Cisco Secure Internet Gateway/ Cisco Web Secure Access (Umbrella) to Ciscos SSE suite. This person would be responsible for migration of existing Secure Internet Gateway policies users and devices into SSE while maintaining support for existing systems and their business requirements. The Cisco Security Engineer will be responsible for designing implementing and managing secure access policies to support enterprise security strategies. They must be able to serve as a subject matter expert on Cisco Web Secure Access including Secure Internet Gateway and with Secure Internet Access. This role requires collaboration with Security IT and business stakeholders to test and validate migrated policies to ensure that existing security protections are maintained on the new platform.

Roles/Responsibilities:

This engineer will be responsible for deploying administering and supporting Cisco ASA Cisco Secure Firewall and Cisco Secure Access products to document existing policies and to migrating existing policies. This includes migrating existing Umbrella SIG policy to Secure Access deployment of web filtering rules to replicate currently permitted access and to assist in deployment of remote access VPN and ZTNA-based access for end users.

The Cisco Security Engineer will be responsible for designing implementing and managing secure access policies to support enterprise security strategies. They must be able to serve as a subject matter expert on Cisco Web Secure Access including Secure Internet Gateway and with Secure Internet Access. This role requires collaboration with Security IT and business stakeholders to test and validate migrated policies to ensure that existing security protections are maintained on the new platform.

Mandatory Skill:

1. 3 years of experience monitoring and analyzing existing rules and converting them into least-privilege rules for both private and web policies
2. 3 years of experience deploying and administering Cisco Secure Firewall for remote access and IPSEC-based VPN
3. 3 years of experience with Cisco endpoint web filtering technologies or similar technologies (Palo Alto Checkpoint Fortinet)
4. 2 years of experience deploying ZTNA or SASE tools
5. Ability to communicate and coordinate with identified IT and business stakeholders
6. Ability to train IT staff for ongoing administration of the product

Desirable Skills:

1. Previous deployment experience with Cisco SSE and ZTNA architecture and products or similar experience with other vendors
2. Experience with Cisco SecureX Secure Endpoint and the Cisco Secure Client
3. Experience administering Cisco Secure Access
4. Experience administering Cisco Umbrella including Secure Internet Gateway products
5. Experience designing implementing and managing Secure Access to support enterprise security strategies.
6. Experience deploying Cisco Remote Access VPN solutions on Ciscos ASA platform
7. Experience administering and interfacing with Check Point firewalls
8. Certification: CCNP Security
9. Certification: CCNP Routing and Switching
10. Certification: CCSP