Forescout Engineer

About The Position

Requirements

• Professional Experience: Master’s degree with 1+ year of IT project experience OR Bachelor’s degree with 3+ years of IT project experience OR Associate’s degree with 5+ years of IT project experience.
• Relevant years of experience may be accepted in lieu of a degree.
• Certifications: DoD 8570 IAT Level II: (Security+ CE, CCNA-Security, GSEC, SSCP, CySA+, GICSP, or CND). DoD 8570 CSSP-Infrastructure Support: (CEH, CySA+, GICSP, SSCP, CHFI, CFR, Cloud+, or CND) – Must be obtained within 30 days of start date.
• Technical Skills: 1+ years of experience in system administration (Windows or Linux) and knowledge of network appliances or domain management services like Active Directory.
• Clearance: Active TS/SCI; must be able to obtain a Counterintelligence (CI) Polygraph.

Nice To Haves

• Forescout Expertise: Hands-on experience with the deployment, installation, and daily maintenance of Forescout CounterACT appliances in customer environments.
• Data Integration: Ability to integrate cybersecurity data using aggregation and analysis tools, like Splunk.
• Compliance Knowledge: Familiarity with federal information security policies, standards (NIST/RMF), and authorization processes.
• Soft Skills: Ability to be a self-starter, work independently without heavy.
• Appliance Management: Hands-on ability to install, configure, and maintain physical and virtual Forescout CounterACT appliances and the Enterprise
• Policy Engineering: Proficiency in creating and tuning policies for Classification (identifying what a device is), Clarification (determining who owns it), and Compliance (checking if it meets security standards).
• Control Actions: Skills in implementing automated responses, such as moving non-compliant devices to a Quarantine VLAN; or applying Access Control Lists (ACLs).
• Plugin Tuning: Ability to configure and optimize service plugins like the Host Property Scanner (HPS), Switch Plugin, and User Directory Plugin to ensure accurate device profiling.
• FSCA (Forescout Certified Associate): Covers basic administration and policy creation
• FSCP (Forescout Certified Professional): Focuses on advanced troubleshooting and plugin tuning.
• FSCE (Forescout Certified Engineer): The highest level, focusing on complex architecture and large-scale deployment design.

Responsibilities

• Network Engineering: Architect and design IP networks, including developing and documenting network topologies.
• Perform physical and logical network engineering, including port activation and configuration of switches, LANs, and VLANs.
• Security Operations: Engineer solutions for complex customer challenges using knowledge of network engineering, system administration, and Active Directory.
• System Administration: Perform Windows and Linux administration, including troubleshooting, installation, configuration, and monitoring system performance.
• Maintenance & Support: Provide Tier II IT operations and maintenance support, including ticket updates, issue responses, and technical remediation.
• Continuous Improvement: Perform security upgrades and stay current with multi-domain architectures (Data Center, WAN, and LAN) in virtualized environments.

Benefits

• Remote workforce primarily (U.S. based only, some travel may be required for certain positions, working on-site may be required for Federal positions)
• Group Medical Insurance options: Zero Deductible PPO Plan (GuidePoint pays 90% of the premium for employees and 70% for family plans (spouse/children/family) or High Deductible Health Plan with HSA (GuidePoint pays 100% of the employees premiums and 75% for family plans (spouse/children/family). If you choose the High Deductible / HSA plan, GPS will contribute in 4 equal quarterly installments: ($850 per EE annually / $1750 per family annually (includes spouse/children/family options)
• Group Dental Insurance: GuidePoint pays 100% of the premium for employees and 75% of family plans
• 12 corporate holidays and a Flexible Time Off (FTO) program
• Healthy mobile phone and home internet allowance
• Eligibility for retirement plan after 2 months at open enrollment
• Pet Benefit Option