Forescout Engineer

ManTech International Corporation - Reston, VA4.0

Full-time
Currently, ManTech is seeking a motivated, career and customer-oriented Senior ForeScout Engineer to join our team the Reston VA area to provide unparalleled support to our customer and to begin an exciting and rewarding career within ManTech. The Senior ForeScout Engineer will perform a variety of complex technical tasks applied to specialized technology and cybersecurity challenges.

The Senior ForeScout Engineer is responsible for the integration and hands-on implementation of new capabilities and managing existing capabilities for federal agencies in support of the CDM project or customer requirements. The Senior ForeScout Engineer will work closely with architects, engineers and integrators to assess customer requirements and to design and extend capabilities offered by the ForeScout platform and support dashboard data requirements. Additionally, you will serve as a trusted advisor, providing subject matter expertise, guidance, and best practice recommendations

Responsibilities include, but are not limited to:
Design, plan, deploy and operate ForeScout physical and virtual appliances, including the Enterprise Manager and SecureConnector and other agent software, configuration, or policies.
Design, develop and implement policies and conditions; establish and customize device classification and clarification, controls, and notifications.
Implement and configure ForeScout modules and plugins like ServiceNow, McAfee ePO. Symantec, Splunk, CyberArk, RAPID7, Tenable, AWS, Mobile Device Management, etc.
Implement NAC or other network devices in fault tolerant and high availability configurations
Establish device segmentation and restricting devices based on role, classification, compliance, location, port and security groups
Work with architects, integration engineers and developers to design solutions to adhere to CDM and customer requirements.
Experience leading technical discussions with internal and external customers
Work closely with network and operations teams to establish and document requirements to complete implementation and configuration tasks
Create solutions to improve data quality, security, and compliance or extend current capabilities and offerings to customers
Act as an escalation point for ForeScout product issues
Provide Tier 3 support to customers and act as the subject matter expert
Plan and deploy patches and upgrades
Develop and maintain installation documentation and SOPs as required
Provide mentoring and support to other engineers

Position Requirements:
3+ years or hands-on experience installing, troubleshooting, and advanced configuration of ForeScout in an enterprise setting.
Progressive work experience with information technology and network security concepts, mechanisms, and tools.
Candidate must have excellent oral and written communication skills
Experience in security, network operations, monitoring, vulnerability analysis, and/or advanced threat protection.
Experience using ForeScout for advanced threat detection and the development and application of policies for remediation.
Experience in LAN/WAN, VPN, routers, firewalls, route tables, access control lists, NAT, network protocols.
Experience with enterprise device types, operating systems (Windows and UNIX), active Directory and Windows domain management including group policy objects.
Experience with VMware virtualization technologies, including one or more: ESXi, VMware View, vCenter Server, vCloud Director.
Understanding of the key technologies relevant to API and application integration including SSO, SAML, JASON, PKI, SSL, REST, XML, DHS, DHCP, AD/AD FS, LDAP, JDBC, ODBC
Understanding of application security protocols such as Secure/Multipurpose Internet Mail Extensions (S/MIME) and Secure Shell (SSH); web-based transactions using Secure Sockets Layer (SSL) / Transport Layer Security (TLS); and Virtual Private Networks (VPNs) using Internet Protocol Security (IPsec) and SSL/TLS.

Preferred:
Experience supporting Incident response and handling; scanning for malicious content, automation and aggregation of intelligence data.
Bachelor's degree preferred with 6+ years’ experience
ForeScout certification is desired
Security+ and/or related Cloud Security certification or higher is desired
Knowledge ofForeScout integration as it relates to Cloud Services and Mobile asset management.
Experience implementing ForeScout extended modules and capabilities to include cloud (AWS, Azure, etc.)
Experience in scripting or programming: Python, Java, Unix shell, PowerShell
Experience with one of the Phase 1 HWAM tools, such as McAfee ePO MVM, Application Control, IBM Big Fix, Tenable SCCV, Splunk.
Ability to perform ETL operations to retrieve enrichment content from existing hardware, software, system boundary inventories.

Clearance:
Ability to obtain and maintain DHS suitability.

Qualifications Requires Bachelor’s degree (in Computer Science, Math, Electrical Engineering or related field) or equivalent, and ten to twelve years of related experience.
Degrees Equivalent Experience/Education
Bachelor's Degree
Years of Experience 10-12 years w/Bachelors Degree
07-09 years w/Masters Degree