- ISO 27001
- NIST Standards
What we are doing:
We are providing solutions for one of the largest needs in the security space. Forescout Technologies is the leader in device visibility and control and we have pioneered an agentless approach to network security to address the explosive growth of the Internet of Things (IoT), cloud computing and operational technologies (OT).
Forescout is seeking a Security Engineer to join the Information Technology Security team. The Risk & Compliance function enhances business operations by assessing and providing guidance on strategies, processes, and controls to help manage risk, provide assurance, and ensure compliance.
What you will do:
The Security Engineer will develop, execute, and automate information security technical controls to provide assurance that Forescout meets or exceeds its requirements and commitments. In this role, the individual will be responsible for:
Developing, executing and maintaining manual and automated test scripts and procedures to monitor and validate compliance with Forescout policies, standards, contracts, laws, and regulations.
Maintaining a documented portfolio of manual and automated test scripts and procedures.
Understanding and evaluating security and compliance implementations and propose technical alternatives that address applicable compliance programs and standards such as SOC2, ISO 27001/2, and NIST.
Developing and reporting metrics on test scripts and procedures developed and automated, the effectiveness of automated processes, rate of implementation/adoption, and degree of compliance.
Reporting compliance validation testing activities and results to management.
Stay current on information security-related risks and controls, tools and technologies, and methods and approaches to improve and automate compliance testing.
Building out security systems and technical controls around MDM, DLP, CASB systems.
Reviewing and implement security controls to meet NIST 800-171, 800-53, SANS audit controls.
What you bring to Forescout:
5-8 years of experience with security and technical control testing in AWS, Microsoft Azure, Google CloudPlatform, Oracle ERP, Salesforce, Microsoft Office 365, Box or other cloud technologies required.
Extensive hands-on ability with Security products, including switches, firewalls, WAF,
Hands-on experience with security tools such as Forescout, Nessus, Nexpose, tcpdump, Burp, Wireshark, Splunk, etc.
Hands-on experience with Linux and Windows Server, virtualization, containers, and networking.
Certifications such as CISSP and AWS Certified strongly preferred.
Experience with SOC2, ISO 27001/2, PCI DSS, NIST CSF, and 800 series, and similar security standards.
Demonstrated ability to prioritize, work independently, and manage multiple projects.
Must have strong analytical skills and be self-motivated, self-directed, well-organized, driven, proactive, and have a positive, can-do attitude.
3+ years of experience leveraging scripting or similar.
Strong verbal and written communication skills.
Proven ability to work with worldwide teams.
What Forescout can offer you:
Collaborative and innovative environment – make an impact on worldwide security while working on the hottest technology.
Focus on Diversity and Women in the Workplace – participate in our newly formed Forescout Women’s Network!
Want a glimpse of Life @ Forescout? Check us out on Facebook and Instagram.