Principal - Network Security (Forescout NAC)

About The Position

Requirements

• Expert-level in NAC platform administration and configuration (Forescout preferred)
• Strong understanding of network security principles.
• Working experience deploying and operating Identity platforms (Cisco ISE preferred)
• Exposure to Microsoft Active Directory, Microsoft Entra ID, and LDAP
• Knowledge of network fundamentals (TCP/IP, VLANs, VRFs, VPN, Dynamic Routing).
• Strong understanding of how Network and Security infrastructure operate at Layer 2, Layer 3 & Layer 4-7
• Knowledge of network authentication protocols including EAP/802.1x, TACACS, RADIUS, OAuth
• Experience working with Public Key Infrastructure and tools (Venafi)
• Expert-level experience working with Linux, Windows, and MacOS operating systems
• Experience with scripting languages (Bash, Python, Perl, Powershell) and IaC tools like Ansible or Terraform
• Proficient with packet data tools like Wireshark to perform deep-level forensic analysis
• Ability to perform security analysis using SIEM and Analytics tools (Azure Sentinel, Log Analytics)
• Expert-level writing skills to create playbooks and standard operating procedures
• Experience with web APIs and data serialization languages (JSON, YAML)
• Excellent problem-solving and troubleshooting abilities with an emphasis on security
• Strong communication skills to collaborate with technical and non-technical stakeholders
• Exposure to cloud service providers such as Azure or AWS
• Working experience with Next Generation Firewalls (Checkpoint, Palo Alto) or host-based firewalls (Illumio)
• Good understanding of DNS, DHCP, and IPAM systems

Nice To Haves

• CISSP certification is desired but not required
• CCNP certification preferred
• Previous experience at a financial organization is a plus
• FSCA - Forescout Certified Administrator
• FSAA - Forescout Advanced Administrator
• FSCE - Forescout Certified Engineer

Responsibilities

• As the product owner for Network Access Control (NAC) and Identity Services platforms, the Principal Network Security Engineer will lead the strategic direction, architecture, and operational excellence of these technologies.
• Solution Architecture & Design Partner with cross-functional stakeholders to architect and deliver secure, scalable solutions tailored to evolving business and security requirements.
• Deployment & Configuration Lead global deployment and configuration of NAC appliances and Identity Services platforms across data centers, ensuring consistency, reliability, and compliance.
• Device Discovery & Profiling Implement advanced profiling techniques to identify and classify all network-connected devices, enforcing access only for authorized and trusted endpoints.
• Policy Creation & Enforcement Define and enforce granular access control policies based on device posture, driving network segmentation and strengthening the organization’s security posture.
• Threat Detection & Response Monitor for anomalous device behavior and orchestrate automated responses to mitigate potential threats in real time.
• Compliance Management Leverage platform capabilities to ensure continuous compliance with internal standards and external regulatory requirements through robust reporting and audit trails.
• Security Ecosystem Integration Seamlessly integrate NAC and Identity platforms with next-gen firewalls, SIEMs, endpoint protection, and other security tools to create a unified defense strategy.
• Customer Support & Enablement Provide expert-level support to internal teams, manage escalations, and deliver training to promote platform adoption and operational readiness.
• Automation & Orchestration Utilize modern development tools and GitOps practices to automate deployment, configuration, and lifecycle management of security platforms.
• Standards & Documentation Establish architectural patterns, define operational standards, and maintain comprehensive documentation using Confluence and draw.io to ensure transparency and repeatability.

Benefits

• Northern Trust provides a comprehensive benefits package including retirement benefits (401k and pension), health and welfare benefits (medical, dental, vision, spending accounts and disability), paid time off, parental and caregiver leave, life & accident insurance, and other voluntary and well-being benefits.
• Northern Trust also provides a discretionary bonus program that may include an equity component.