Estimated Length: 12 Months Work hours:40.00 Est. OT Hrs/Wk:
*PLEASE NOTE THIS POSITION MAY ALLOW CONSULTANT TO WORK ON A HYBRID REMOTE SCHEDULE (3 DAYS ONSITE/ 2 DAYS REMOTE) UPON START
• Provide Forescout Subject Matter Expertise services to customers including, product deployment, configuration, health checks, optimization, training and troubleshooting.
• Implement, install and troubleshoot Forescout, including the development of custom content, monitoring system health, performing upgrades/updates, and ensuring proper operation of physical & virtual appliances.
• Assist Security Engineers in the proper application of vulnerability scanning technologies across a network environment
• Work with Engineers to troubleshoot network connectivity issues including running WireShark, interfacing with various operation organizations to isolate faults and submitting/verifying firewall change requests
• Document the network configurations of solution elements including creating drawings and text descriptions
• Proactively identify and prioritize issues on behalf of the customer, communicate and explain issues to customer verbally or in writing, develop plans to address issues, get approval for plans, and drive plans to successful completion.
• Assist Firewall and VPN team in upgrade and deployment of security equipment
Assist customer business units with implementation plans and network designs.
• Coordinate and lead meetings and provide written summaries.
• Collaborate with customer regarding deployment techniques, feature requests, and product issues.
• Provide regular progress reports on deployment, performance, open issues internally and with vendors integrating with customer Forescout installation
• Experience with design and configuration of Forescout products
• Understanding of enterprise computing environments, distributed applications, and strong knowledge and understanding of TCP/IP networks to include ASA, Palo Alto firewalls, and Cisco, Juniper, Avaya/Nortel switches
• Knowledge of TCP/IP and enterprise network protocols (LDAP, DNS, SMTP, SNMP, DHCP, and authentication protocols)
• Hands-on experience in both Windows and Linux, Mac OSX platforms with a solid understanding of networking principals and security best practices
• Understanding of the system hardening processes, tools, guidelines, and benchmarks
• Computer Networking Systems Administrator’s level Knowledge of all protocol layers
• Expertise in debugging and root-cause analysis in complex systems and large environments
• Understating of programming languages: Java, and Perl
• Strong experience in network troubleshooting and configuration (tcpdump, Wireshark, etc.)
• Network equipment configuration (Switch, Router, Firewall)
• Linux O/S (Ubuntu and CentOS) installation, security configuration, and management
• Hands-on experience with Forescout solutions (preferred).
• Working knowledge of Linux/UNIX, and Windows operating systems.
• Virtualization environments for both desktop and server deployments
• Ability to gather, analyze, and interpret data in order to efficiently and effectively take action
• Working knowledge of industry security standards, procedures and technologies.
• Demonstrated excellent oral and written communications, including presentation skills for audiences of varying levels of technical understanding.
• Ability to constructively handle and address customer concerns through explanation or management escalation.
• A self-motivated individual with a ‘can do’ attitude.
• Ability to work independently in a mix of workplace environments including large enterprise, commercial, and military / government agency customers.
• Network security analysis and/or ICS networking experience
• Experience in network security principles and standards
• Experience in enterprise-level customer interaction with a strong customer support attitude
• Strong knowledge and experience working in a geographically distributed team-based engineering environment
• Bachelor’s degree in Computer Science, Engineering, or equivalent industry experience
Must Have Hands-On Technical Experience:
• Fine-tune CounterACT Policies, and module integrations for scalability, and performance improvements
• Integrate and troubleshoot several technologies which included, but not limited to Linux CentOS, Layer 2 & Layer 3 network devices, MDM solutions, Enterprise Antivirus solutions, SNMP versions 1, 2, & 3, and 802.1x
• Configure and design networks capable of network traffic replication to NAC, IDS/IPS systems using port mirroring (Cisco SPAN), VLANs, ACLs, and network taps
• Create and maintain deadlines for a successful NAC implementation while integrating with many enterprise level network components
• Build SQL Databases, and created SQL queries, and LDAP queries to integrate with CounterACT.
• Build Domain Controllers, SQL servers, NPS servers, DNS Servers, DHCP servers, and File Servers.
• Design and implement automated access control-based policies on trusted VS non trusted devices, compliance level, and endpoint device type using dynamic access lists, VLAN changes, and virtual firewall
• Design Guest Networks to automate user registration with captive portal/http hijacks
• Facilitate knowledge transfers to potential customers, and influenced CounterAct implementation expansions
• Provide real-time reports which included device inventories and compliance status
• Work with Project Managers, Security Engineers, Network Engineers, Systems Administrators, and Compliance team to implement the CounterAct NAC appliance to enterprise environments with over < 100,000 endpoints to ensure network compliance
Additional Skills and Information:
Forescout Subject Matter Expertise services