Estimated Length: 12 Months Work hours:37.50 Est. OT Hrs/Wk:
Requirements
Technical Qualifications:
- Understanding of enterprise computing environments, distributed applications, and strong knowledge and understanding of TCP/IP networks to include ASA, Palo Alto firewalls, and Cisco, Juniper, Avaya/Nortel switches
- Knowledge of TCP/IP and enterprise network protocols (LDAP, DNS, SMTP, SNMP, DHCP, and authentication protocols)
- Hands-on experience in both Windows and Linux, Mac OSX platforms with a solid understanding of networking principals and security best practices
- Experience with design and configuration of Forescout products
- Understanding of the system hardening processes, tools, guidelines, and benchmarks
- Computer Networking Systems Administrator’s level Knowledge of all protocol layers
- Expertise in debugging and root-cause analysis in complex systems and large environments
- Understating of programming languages: Java, and Perl
- Strong experience in network troubleshooting and configuration (tcpdump, Wireshark, etc.)
- Network equipment configuration (Switch, Router, Firewall)
- Linux O/S (Ubuntu and CentOS) installation, security configuration, and management
- Hands-on experience with Forescout solutions (preferred).
- Working knowledge of Linux/UNIX, and Windows operating systems.
- Virtualization environments for both desktop and server deployments
- Ability to gather, analyze, and interpret data in order to efficiently and effectively take action
- Working knowledge of industry security standards, procedures and technologies.
- Demonstrated excellent oral and written communications, including presentation skills for audiences of varying levels of technical understanding.
- Ability to constructively handle and address customer concerns through explanation or management escalation.
- A self-motivated individual with a ‘can do’ attitude.
- Ability to work independently in a mix of workplace environments including large enterprise, commercial, and military / government agency customers.
- Network security analysis and/or ICS networking experience
- Experience in network security principles and standards
- Experience in enterprise-level customer interaction with a strong customer support attitude
- Strong knowledge and experience working in a geographically distributed team-based engineering environment
- Bachelor’s degree in Computer Science, Engineering, or equivalent industry experience
Must Have Hands-On Technical Experience:
- Fine-tune CounterACT Policies, and module integrations for scalability, and performance improvements
- Integrate and troubleshoot several technologies which included, but not limited to Linux CentOS, Layer 2 & Layer 3 network devices, MDM solutions, Enterprise Antivirus solutions, SNMP versions 1, 2, & 3, and 802.1x
- Configure and design networks capable of network traffic replication to NAC, IDS/IPS systems using port mirroring (Cisco SPAN), VLANs, ACLs, and network taps
- Create and maintain deadlines for a successful NAC implementation while integrating with many enterprise level network components
- Build SQL Databases, and created SQL queries, and LDAP queries to integrate with CounterACT.
- Build Domain Controllers, SQL servers, NPS servers, DNS Servers, DHCP servers, and File Servers.
- Design and implement automated access control-based policies on trusted VS non trusted devices, compliance level, and endpoint device type using dynamic access lists, VLAN changes, and virtual firewall
- Design Guest Networks to automate user registration with captive portal/http hijacks
- Facilitate knowledge transfers to potential customers, and influenced CounterAct implementation expansions
- Provide real-time reports which included device inventories and compliance status
- Work with Project Managers, Security Engineers, Network Engineers, Systems Administrators, and Compliance team to implement the CounterAct NAC appliance to enterprise environments with over < 100,000 endpoints to ensure network compliance
|
Additional Skills and Information:
Forescout Subject Matter Expertise services
|