FORESCOUT NETWORK ENGINEER

ROLE: FORESCOUT NETWORK ENGINEER CLIENT: HEALTHCARE LOCATION - New York , NY -THIS IS ONSITE INTERVIEW : TELEPHONIC & WEBCAM. THIS IS C2HIRE ROLE Job Summary We are seeking a skilled Forescout Network Engineer to design, implement, and support network access control (NAC) solutions using Forescout platform technologies. The ideal candidate will have strong networking fundamentals, security expertise, and hands-on experience with device visibility and policy enforcement across enterprise environments. Key Responsibilities • Design, deploy, and manage Forescout CounterACT solutions across enterprise networks • Implement and maintain network access control (NAC) policies for endpoint compliance and security • Monitor and analyze network traffic to detect unauthorized or non-compliant devices • Integrate Forescout with: o ctive Directory / LDAP o SIEM tools (e.g., Splunk, QRadar) o Firewalls and endpoint security tools • Troubleshoot connectivity, authentication, and enforcement issues • Perform upgrades, patching, and system optimization for Forescout appliances • Develop automated workflows for device classification and remediation • Collaborate with network, security, and IT teams for incident response and compliance initiatives • Maintain documentation of configurations, policies, and procedures Required Skills & Qualifications • Bachelor's degree in Computer Science, Information Technology, or related field (or equivalent experience) • 9-10+ years of experience in network/security engineering • Hands-on experience with Forescout CounterACT or similar NAC solutions • Strong understanding of: o TCP/IP, DNS, DHCP o VLANs, routing, switching o Network security concepts (802.1X, RADIUS, NAC) • Experience with Windows, Linux, and macOS environments • Knowledge of scripting (Python, PowerShell, or Bash) is a plus • Familiarity with cloud environments (AWS, Azure) is preferred Certifications Forescout Certified Administrator (FCA) or Forescout Certified Engineer (FCE) • CCNA / CCNP • CompTIA Security+ or CISSP (nice to have)