Essential Functions / Duties & Responsibilities:
The Forescout Engineer will provide high level integration and engineering expertise in support of an Enterprise level OT security project. This candidate will provide their expert level of understanding of OT networking and OT security.
Standard requirements:
· Documentation, installation and configuration of DoD and Federal Systems.
System patching to include the implementation of DoD STIGs, NIST 800-53 and CIS hardening standards.
· Create and document Enterprise and site architecture, design, processes and run books.
· Troubleshoot and resolve issues with OT network devices.
· Monitor overall network health and troubleshoots reported events.
· Develop and implement testing strategies and document results
· Capacity to write and update technical documents, procedures, TTPs, SOPs, etc.
Task-specific requirements:
· Must have a firm understanding of OT security, design and implementation.
· In depth knowledge of 802.1x, certificate-based authentication, and RADIUS protocol.
· Develop a list of Pre-Assured Services Interruption (ASI) steps, ASI preparation tasks, and ASI steps/procedures.
· Develop Pass/Fail criteria and a rollback plan.
· Create and submit all Port, Protocols and Service Management (PPSM) documentation via established Change Management processes.
· Perform moves/adds/changes in Request for Change (RFC). (add/remove devices from jobs, move devices into appropriate job, create new RFC, etc.).
· Work with customer team and systems to identify network devices no longer active on the network and remove them from the RFC.
· Project engagement and project plan development in support of OT security using Forescout eyeInspect.
Critical Skills and Expertise:
· A minimum of seven (7) years of direct OT experience.
· Understanding of IAVAs and STIGs and applies updates to routers, switches, firewalls, & etc.
· Position requires a current DoD 8570 IAT II certification – CCNA Security, CySA+, GICSP, GSEC, Security+ CE, CND, or SSCP.
· Technical Certification in area of expertise is required – CCNP, CCIE, JNCIP, JNCIE, FCSA, FCSE.
· Must have or have the ability to quickly obtain the CompTIA LINUX+ certification.
· Strong understanding of Routing, Switching, Firewalls, 802.1x, VLAN, VPN, LAN, WAN and Network Security.
· Experience with a NAC (Forescout, Cisco ISE, Checkpoint, Aruba) environment is strongly desired.
· Forescout eyeInspect experience is highly desired.
· Experience installing, managing, and supporting production network and computer security systems comprised of multiple network hardware and software.
· Knowledge of Forescout and other Comply to Connect technologies is a plus.
· Active, in-scope US Government issued Secret/SSBI clearance.
Experience and Education:
· Bachelor's Degree in a related discipline (e.g., Computer Science, Computer Information Systems, Math, and Engineering).
Job Type: Full-time
Pay: $120,000.00 - $150,000.00 per year
Benefits:
- 401(k)
- 401(k) matching
- Dental insurance
- Health insurance
- Paid time off
Experience level:
Schedule:
Experience:
- Forescout: 2 years (Required)
Security clearance:
Willingness to travel:
Work Location: Remote