Sr. Info Security Engineer - Cisco ISE

About the position At U.S. Bank, we’re on a journey to do our best. Helping the customers and businesses we serve to make better and smarter financial decisions and enabling the communities we support to grow and succeed. We believe it takes all of us to bring our shared ambition to life, and each person is unique in their potential. A career with U.S. Bank gives you a wide, ever-growing range of opportunities to discover what makes you thrive at every stage of your career. Try new things, learn new skills and discover what you excel at—all from Day One.

Job Description

What you will do Cisco ISE directly supports: Enterprise 802.1X network authentication, Network Access Control (NAC), device posture validation, secure access across corporate and remote environments High availability validation and failover testing, improved disaster recovery posture, monitoring and telemetry enhancements, reduction of manual operational processes Implements and supports security solutions and technologies to protect data/assets from unauthorized access, use, disclosure, destruction, modification, or disruption. Provides project leadership, security oversight, and risk management on security projects. Sets security design guidelines, frameworks, and models. Works to identify new security issues and risks and is involved in developing mitigation plans. Helps identify and document security objectives. Participates in projects that develop new intellectual property. Trains/mentors members of the team. Builds relationships and trust across the organization. Evaluates and recommends new and emerging security products and technologies. Works to develop and interpret security policies and procedures. Supports acquisition and vendor risk assessment due diligence. Leads the building, deployment, and maintenance of security tools utilized by the insider threat program. Proactively seeks solutions to mitigate risk and clearly communicate risks to the appropriate stakeholders. Basic Skills - Typically a Bachelor's degree, or equivalent work experience - Typically five or more years of relevant experience - Advanced technical and functional subject matter expert knowledge across security domain areas

Responsibilities

• Enterprise 802.1X network authentication
• Network Access Control (NAC)
• device posture validation
• secure access across corporate and remote environments
• High availability validation and failover testing
• improved disaster recovery posture
• monitoring and telemetry enhancements
• reduction of manual operational processes
• Implements and supports security solutions and technologies to protect data/assets from unauthorized access, use, disclosure, destruction, modification, or disruption.
• Provides project leadership, security oversight, and risk management on security projects.
• Sets security design guidelines, frameworks, and models.
• Works to identify new security issues and risks and is involved in developing mitigation plans.
• Helps identify and document security objectives.
• Participates in projects that develop new intellectual property.
• Trains/mentors members of the team.
• Builds relationships and trust across the organization.
• Evaluates and recommends new and emerging security products and technologies.
• Works to develop and interpret security policies and procedures.
• Supports acquisition and vendor risk assessment due diligence.
• Leads the building, deployment, and maintenance of security tools utilized by the insider threat program.
• Proactively seeks solutions to mitigate risk and clearly communicate risks to the appropriate stakeholders.

Requirements

• Typically a Bachelor's degree, or equivalent work experience
• Typically five or more years of relevant experience
• Advanced technical and functional subject matter expert knowledge across security domain areas

Nice-to-haves

• Hands‑on experience as a primary technical owner/operator of Cisco ISE, supporting NAC, RADIUS, and TACACS+ in large‑scale enterprise environments (10,000+ users).
• Strong network engineering and troubleshooting background across wired and wireless networks, including configuration of Cisco switches and wireless access points.
• Proven ability to implement and troubleshoot AAA authentication and authorization policies across network devices.
• Experience integrating identity and access controls with Active Directory and LDAP.
• Solid Linux system administration experience supporting security and network platforms.
• Working knowledge of virtualized environments, including VMware vSphere/vCenter.
• Experience designing and operating enterprise network resiliency, including load balancing, high availability, and failover strategies.
• Proficiency in log analysis and troubleshooting, including AAA logs and accounting records for auditing and incident response.
• Strong execution, communication, and collaboration skills, with the ability to translate complex technical topics into clear, actionable outcomes across cross‑functional teams.

Benefits

• Healthcare (medical, dental, vision)
• Basic term and optional term life insurance
• Short-term and long-term disability
• Pregnancy disability and parental leave
• 401(k) and employer-funded retirement plan
• Paid vacation (from two to five weeks depending on salary grade and tenure)
• Up to 11 paid holiday opportunities
• Adoption assistance
• Sick and Safe Leave accruals of one hour for every 30 worked, up to 80 hours per calendar year unless otherwise provided by law

Apply tot his job Apply To this Job