Job Description

Job Specification for Cyber Security Forescout Engineer.

Summary

Client is seeking a highly experienced Forescout Engineer to design and execute (hands-on) a full-stack refresh of our Forescout Network Access Control system, including upgrade to 61xx hardware, RHEL 9, Forescout v9 Software, Module and Plugin upgrades, and Console/CLI/Integration re-reconfiguration.

 

Essential kills:

  • Architecture: Comprehensive knowledge of designing, planning & troubleshooting large scale full stack (hardware, OOB, OS, Software, Configuration & Integrations) Forescout refresh projects which use High Availability clusters, IP Reuse and NAT
  • Hardware: Detailed deployment design specifications, and management of remote engineers to deploy 51xx, or ideally 61xx, generation Forescout Appliances at scale in a highly regulated Enterprise Environment
  • OOB: Hands-on experience configuring and troubleshooting iDRAC on Forescout 51xx or 61xx Appliances
  • Software: Extensive hands-on experience of troubleshooting post-upgrade issues on Forescout v8.4.1 or higher, ideally v9.
  • Integrations: Extensive experience of upgrading and troubleshooting integrations with:
    • Switches (Cisco & Juniper)
    • Cisco APICs
    • VPNs Concentrators
    • Wireless Controllers
    • Active Directory
    • ServiceNow
    • CrowdStrike
    • Forcepoint proxy
  • Configuration: Extensive experience of post-upgrade re-configuration on both Console and CLI including:
    • High Availability Resilience configuration
    • Passive Learning
    • Complex Policies, Groups, Labels and Lists
    • Segments
    • Control actions (ACL, Block, VLAN) on Cisco and Juniper switches
    • Load balancing
    • Performance tuning
  • Testing: Specify, execute and troubleshoot comprehensive tests covering regression as well as all upgraded features.
  • Change Management: Experience of writing detailed implementation plans, assessing risk, submitting change requests, and providing justifications to senior stakeholders at Change Approval Boards.  Ideally, experience of ServiceNow.
  • Stakeholder management: Management of senior stakeholders
  • Documentation: Strong documentation skills (ideally, Confluence), including detailed run books on upgraded features for in-life teams
  • Training & handover: Experience training in-life teams on upgraded features

 

Qualifications:

  • Ideally FSCE, FSCP or FSCA

 

Working hours:

  • Must be willing to work in UK Time Zone when required, to align with Principal Network Security Engineer for detailed reviews and sign-off.
  • Must be willing to work outside of global financial market trading hours (usually, weekends) whilst working on production environment (e.g. during cutovers and troubleshooting)

 

 

 

Apply