CybersecurityJobs.io
← Back to all jobs

Job Description

Deloitte's Cyber practice invites a senior Cisco network security engineer to shape advanced security architectures for enterprise clients. This onsite role in Milwaukee, WI, centers on Cisco security engineering, delivering Firepower deployments, ISE integrations, and cloud-ready defenses that align technical controls with business objectives. The position offers a competitive salary range of USD 105,400 to 207,800 annually and requires a BA/BS alongside hands-on field experience.

Responsibilities

  • Architect, deploy, and operate Cisco Firepower Threat Defense (FTD) and Firepower Management Center (FMC) across large networks, including on‑premises hardware, virtual deployments, and cloud-delivered solutions.
  • Implement and support Cisco Identity Services Engine (ISE) capabilities such as 802.1X NAC, device profiling, guest lifecycle management, TrustSec segmentation, and integration with enterprise identity stores.
  • Configure and optimize advanced Cisco security features, including IPS, malware protection, URL filtering, DNS‑based security, Security Intelligence, and SSL/TLS decryption policies.
  • Deploy and integrate Cisco Secure Firewall technologies in cloud environments (AWS, Azure, GCP), maintaining centralized policy management and secure connectivity across hybrid infrastructures.
  • Develop client‑facing security architectures that integrate Cisco platforms with SIEM and automation tools, delivering recommendations that balance technical requirements with compliance and business goals.

Requirements

  • Bachelor’s degree in a technical field (e.g., Computer Science, Cyber Security, Information Technology) or equivalent work experience.
  • CCNP Security or CCIE Security certification required.
  • Over five years of experience in network security engineering with Cisco security technologies.
  • More than five years designing, deploying, and managing Cisco FTD and FMC in enterprise environments, including physical appliances, virtual instances, and the cloud-delivered Firewall Management Center (cdFMC).
  • Over five years designing and implementing Cisco ISE, including distributed node architectures, high availability, patch management, and upgrade planning.
  • At least three years of experience with ISE 802.1X NAC, guest lifecycle management, profiling policies, TrustSec segmentation, and Cisco Firepower capabilities (IPS, malware protection, URL filtering, DNS‑based security, SSL/TLS decryption) and cloud firewall deployments in AWS and Azure.
  • Ability to travel up to 50% on average, depending on client engagements.
  • Limited immigration sponsorship may be available.
  • Additional cybersecurity certifications such as CISSP, GSEC, or GCED are a plus.
  • Experience with Cisco Secure Access, Cisco Umbrella, Cisco Secure Client, or Duo Security in Zero Trust architectures.
  • Experience with Cisco Extended Detection and Response (XDR), Cisco SecureX, or integrating Firepower and ISE telemetry for threat detection, investigation, and response.
  • Experience using REST APIs, Ansible, Terraform, or Python for policy provisioning, compliance checks, drift detection, or security automation.
  • Experience with Cisco Catalyst Center and ISE integration for Software-Defined Access (SD-Access) deployments and segmentation policy enforcement.
  • Experience delivering network security, access control, segmentation, or Zero Trust engagements within consulting environments.

Technologies

  • Cisco Firepower Threat Defense (FTD)
  • Cisco Firepower Management Center (FMC)
  • Cisco Identity Services Engine (ISE)
  • 802.1X network access control
  • TrustSec
  • Intrusion Prevention System (IPS)
  • Malware protection
  • URL filtering
  • DNS-based security
  • SSL/TLS decryption
  • Cisco Secure Firewall
  • AWS, Microsoft Azure, Google Cloud Platform (GCP)
  • SIEM tools
  • REST APIs
  • Ansible
  • Terraform
  • Python
  • Cisco Secure Access
  • Cisco Umbrella
  • Cisco Secure Client
  • Duo Security
  • Cisco Extended Detection and Response (XDR)
  • Cisco SecureX
  • Cisco Catalyst Center
  • Software-Defined Access (SD-Access)

Benefits

  • Discretionary annual incentive program

The Team

Our Enterprise Security offering integrates security across the entire digital transformation journey, safeguarding a client’s core infrastructure while enabling secure innovation. The team covers security architecture, secure development and deployment, end-to-end cyber cloud capabilities, application security, and protection for emerging technologies and connected products.

Similar Jobs