Posted 22 days ago
No clicks
Senior Cybersecurity Platform Operator External focuses on network and perimeter security engineering centered on Cisco ISE, NAC, TACACS, and certificate management. The role requires managing multiple Cisco ISE environments, configuring RADIUS/TACACS policies, performing upgrades, DR testing, and Venafi-based certificate management, along with monitoring and alerting via Splunk. You will participate in on-call rotations and incident response via ServiceNow and engage with Cisco TAC on product roadmaps. The ideal candidate has 7-9 years of security experience, strong collaboration, and the ability to adapt in a fast-moving, enterprise environment.
- Compensation
- Not specified
- City
- Not specified
- Country
- Not specified
Currency: Not specified
Full Job Description
Job Description:
Note: Fidelity will not provide immigration sponsorship for this position
Senior Cybersecurity Platform Operator External
The Role
The job involves performing functions related to Network and Perimeter specialized Security Engineers including Cisco ISE, NAC (Network Access Control), TACACS, Certificate Authority. Looking for an energetic, hard charging individual able to keep up in an exciting and fast-moving team to enhance Fidelitys security posture. The candidate will be immersed in a quickly changing environment in a very rapidly changing threat landscape, working with numerous security professionals. The qualified candidate must be adaptable and able to work in a fast-paced environment where learning new skills and understanding new system architectures quickly is a key to success.
The Expertise and Skills You Bring
Strong experience in Cisco ISE (Identity Service Engine), TACACS+, RADIUS Certificate Authority
Managed and maintained multiple Cisco ISE environments and SME in:
RADIUS and TACACS policy configuration, including onboarding of new applications, working directly with app owners and providing guidance based on extensive knowledge of secure authentication integration.
Patching and upgrade planning for ISE systems.
Disaster Recovery tests (bi-annual for Wired/Wireless, annual for Guest Wi-Fi).
Certificate management, including updating/renewing ISE server certificates and guest portal certs via Venafi.
Cisco ISE licensing oversight, including maintaining the Cisco Smart Licensing model via the on-prem license server.
ISE system automation and backups via Jenkins jobs.
Monitoring and alerting through Splunk (custom dashboards and alarms).
Take part in monthly Cisco TAC calls to review issues, product roadmaps, and deployment health.
Supported the on-call rotation, responding to incidents via the ServiceNow platform.
Implement and maintain network access control solutions using 802.1X, RADIUS and TACACS
Perform daily monitoring, troubleshooting, and resolution of network access and
security issues.Integrate Cisco ISE with network and other components systems.
ISE software upgrades, patches, migration.
Create and maintain technical documentation and standard operating
procedures (SOPs).Open-minded, empathic and a teammate with a partnering approach and an enthusiastic and motivated personality, with demonstrated experience in solving complex challenges.
Intellectually curious and therefore remain abreast of new technologies and developments relating to technical products that might be used enterprise wide and software delivery methodologies.
Proficient in balancing business partner views and interests.
Team player with excellent interpersonal & communication skills (written and verbal).
7 to 9 years of security experience desired, preferably in a matrix-driven corporate environment.
Mandatory Cisco Identity and Service Engine Experience or similar vendor products
Ability to interact with both technical and non-technical staff, including management and executives, with experience articulating technical material in business terms.
SME in 802.1X authentication and related EAP protocols (EAP-TLS, PEAP)
The Team
The Senior Cybersecurity Engineer will be working on external defense team to ensure indications of compromise are promptly identified and stakeholders are informed with actionable and complete information. This role will assist and coordinate with incident response staff, threat intelligence, vulnerability management, and perimeter security teams during response activities and cyber investigations. This position works closely with our ISO for each Business Unit and directly with internal and external customers.
Certifications:
Category:
Information TechnologyMost roles at Fidelity are Hybrid, requiring associates to work onsite every other week (all business days, M-F) in a Fidelity office. This does not apply to Remote or fully Onsite roles. Some roles may have unique onsite requirements. Please consult with your recruiter for the specific expectations for this position.
Please be advised that Fidelitys business is governed by the provisions of the Securities Exchange Act of 1934, the Investment Advisers Act of 1940, the Investment Company Act of 1940, ERISA, numerous state laws governing securities, investment and retirement-related financial activities and the rules and regulations of numerous self-regulatory organizations, including FINRA, among others. Those laws and regulations may restrict Fidelity from hiring and/or associating with individuals with certain Criminal Histories.
Apply
All fields are required.
Benefits that balance life and work
From our fully paid parent leave to our on-site health and wellness centers, our benefits support the belief that more balance you have, the better you can achieve your goals.
Company overview
Company overview
At Fidelity, we are passionate about making our financial expertise broadly accessible and effective in helping people live the lives they want. We are a privately held company that places a high degree of value in creating and nurturing a work environment that attracts the best talent and reflects our commitment to our associates. We are proud of our diverse and inclusive workplace where we respect and value our associates for their unique perspectives and experience.
Reasonable accommodations
Fidelity will reasonably accommodate applicants with disabilities who need adjustments to participate in the application or interview process. To initiate a request for an accommodation contact the HR Accommodation Team by sending an email to accommodations@fmr.com, or by calling 800-835-5099, prompt 2, option 3.
Equal opportunity employer
Fidelity Investments is an equal opportunity employer. We believe that the most effective way to attract, develop, and retain a diverse workforce is to build an enduring culture of inclusion and belonging.
Hybrid work schedule
Fidelitys hybrid working model blends the best of both onsite and offsite work experiences. Working onsite is important for our business strategy and our culture. We also value the benefits that working offsite offers associates. Most hybrid roles require associates to work onsite all business days of every other week in a Fidelity office.
Applicant screening
At Fidelity, we value honesty, integrity, and the safety of our associates and customers within a heavily regulated industry. Certain roles may require candidates to go through a preliminary credit check during the screening process. Candidates who are presented with a Fidelity offer will need to go through a background investigation and may be asked to provide additional documentation as requested. This investigation includes but is not limited to a criminal, civil litigations and regulatory review, employment, education, and credit review (role dependent). These investigations will account for 7 years or more of history, depending on the role. Where permitted by federal or state law, Fidelity will also conduct a pre-employment drug screen, which will review for the following substances: Amphetamines, THC (marijuana), cocaine, opiates, phencyclidine.
AI Guidelines
Learn about our guidelines for use of AI when applying for a Fidelity job
