- Planning and performing the migration from incumbent Cisco ISE NAC to Forescout.
- Planning and performing the migration from Forescout post-connect to pre-connect.
- Assisting the Security Engineer in designing configuration changes to be implemented on local wired and wireless networks for Forescout visibility, classification, and control.
- Participating in design discussions with sites globally, to agree configuration changes within IT networks in support of Forescout implementation.
- Participating in design discussions with global sites to agree placement of monitoring appliances within OT networks in support of Forescout implementation.
- Plan and lead roll-out activities.
- Experience of working with business-critical OT environments within manufacturing environments.
- 3+ years of configuring and deploying Forescout NAC, including EyeSight, EyeInspect, EyeSegment and EyeExtend deployment across both IT and OT environments.
- Experience of migrating from incumbent NAC solutions to Forescout in a pre-connect method.
- Experience of configuring and deploying traffic flow analysis using EyeInspect.
- Experience of configuring and deploying application segmentation using EyeSegment.
- 3+ years of working with multi-vendor network technologies to support deployments into mixed technology sets.
- Experience of delivering infrastructure transformation into large manufacturing sites running a mix of technologies supporting both IT and OT processes.
- Designing SPAN / (E)RSPAN implementations over existing mixed technology networks
- Working with 3rd parties in the implementation of infrastructure projects within a multinational company.
- Co-ordination of local IT teams at a technical level to plan and deliver the technical changes.
- Infrastructure change delivery in a multinational organisation in a consistent and timely manner.
- Experience of working in global organisations.
- EyeSight
- EyeInspect
- EyeSegment
- EyeExtend
- FortiManager for EyeExtend integration
- Static routing
- Dynamic routing
- VLANs
- Spanning tree
- Trunking protocols
- Layers 2 security hardening (DHCP snooping etc)
- SPAN/(E)RSPAN design & implementation
- Good QOS skills
- Good understanding of industry best practices
- Management of Cisco Wireless LAN controllers
- Troubleshooting on WLAN
- Good QOS skills
Forescout Engineer - Bristol, United Kingdom - Imperial Brands
Description
Forescout Engineer
Duration: 6 months
Location: Bristol, remote UK
Role purpose:
As a member of the wider IT Security Project Team, the Forescout Engineer will work alongside other members of the project to deliver a multi-year security improvement plan across the Imperial estate.
This is an interim role working alongside 3rd parties and local IT teams to introduce network security controls, visibility, control and the identification and mapping of traffic flows between IT and OT devices across the Imperial estate.
The Forescout Engineer will also be expected to support/lead where applicable on the transfer of knowledge into the Operations team and NOC.
Key accountabilities
Continuing the planning and implementation of network access controls across Imperial Brand's 200 plus offices and factory sites using Forescout technologies.
Completing the planning and implementation of network traffic flow monitoring in Imperial's factory sites using Forescout technologies.
Working with the NOC to streamline BAU support processes.
Experience and Essential Skills
Technical Skills
CCNP /CCIE Level with 3+ years' experience in Cisco and Forescout technologies, experience in other network vendors is desirable:
Forescout:
Fortinet:
Routing:
Switching:
Security:
Cisco WLAN: