Senior Cybersecurity engineer for Secure Access Network
Tech Stack / Keywords
Firma i stanowisko
Craftware is a technology company of over 500 experts, delivering end-to-end projects from analysis and architecture through implementation to development and maintenance. It serves large organizations with modern IT solutions including sales systems, automation, data platforms, and AI. Craftware partners with industry leaders such as Salesforce, Veeva, UiPath, and Databricks.
Wymagania
- 5+ years hands-on experience designing, implementing, and managing enterprise-grade NAC solutions, specifically Cisco ISE (TrustSec, Dot1x, MAB, Profiling, Guest Portals, REST APIs, EAP-TLS, EAP-TEAP).
- Experience deploying, configuring, and maintaining Palo Alto NGFW (SSL decryption, threat prevention, HA Active/Active and Active/Passive).
- Strong understanding of RADIUS, TACACS+, identity-based access control, and enterprise PKI / certificate lifecycle management.
- Proficiency in network virtualization and segmentation (TrustSec, SGTs, VRFs).
- Experience using Ansible, Terraform, and Python to manage network security infrastructure at scale.
- Solid foundation in enterprise networking (L2/L3), including BGP, OSPF, VLANs, VXLAN.
- Excellent communication and stakeholder management skills; fluent English.
Nice to have:
- Experience in regulated environments (Pharma, Healthcare, Finance).
- Proficiency in Terraform and GitHub for reproducible security configurations.
- Experience building CI/CD pipelines (GitLab, GitHub) and automated security workflows.
- Scripting skills in Python, PowerShell, or Bash for self-service tools and custom API integrations.
- Experience mentoring junior cybersecurity engineers.
Obowiązki
- Act as the primary SME for Secure Access technologies, evaluate and select emerging security tools, and drive the technical roadmap aligned with Zero Trust architecture.
- Design, deploy, and maintain authentication solutions including 802.1X, EAP-TLS, EAP-TEAP, RADIUS, TACACS+, SAML, and MFA integrated with enterprise Identity Providers.
- Lead lifecycle management of Cisco ISE deployments, including upgrades and capacity planning.
- Implement advanced access control mechanisms such as Dot1x, MAB, Guest Access, posture-based authorization, and design Cisco TrustSec/SGT-based micro-segmentation.
- Serve as senior escalation point for complex incidents, performing root-cause analysis and building observability/monitoring dashboards.
- Advocate and implement Infrastructure-as-Code and security automation, building API-driven integrations and self-service capabilities.
- Mentor junior engineers and collaborate with globally distributed product squads and stakeholders.
Benefity
- B2B contract with a rate of 150-180 PLN per hour.
- Daily support from team leaders.
- Dedicated certification budget.
- Assistance in defining and supporting personal development paths.
- Benefits package.
- Integration trips and events.
Inne informacje
Zgodnie z art. 13 ust. 1 i 2 rozporządzenia Parlamentu Europejskiego i Rady (UE) 2016/679 z dnia 27 kwietnia 2016 r. w sprawie ochrony osób fizycznych w związku z przetwarzaniem danych osobowych i w sprawie swobodnego przepływu takich danych oraz uchylenia dyrektywy 95/46/WE (ogólne rozporządzenie o ochronie danych, dalej: RODO) (Dz. Urz. UE L119/1) informujemy o zasadach przetwarzania danych osobowych przez Craftware Sp. z o.o. oraz przysługujących prawach osób aplikujących.
Craftware
30 aktywnych ofert