Apply Now
Location: New York City, New York (NY)
Contract Type: C2C
Posted: 5 hours ago
Closed Date: 07/20/2026
Skills: Network Security Engineer, LTM/GTM, APM, and ASM/AWAF
Visa Type: GreenCard, USC

Job Title- Network Security Engineer

Location- New York City, NY (Onsite – Local Candidates Only)

Contract: 6+ Months Contract-to-hire

MOI: Skype


VISA: USC and GC Only


Need candidate who have expertise in Forescout


Position Overview:

We are seeking an experienced Network Security Engineer for a contract-to-hire engagement with one of New York City's leading healthcare organizations. This is a hands-on, senior-level role responsible for the design, deployment, and ongoing operational excellence of our network access control and security infrastructure. The contract is expected to convert to a permanent full-time position for the right candidate. The ideal candidate brings deep technical expertise in Forescout and thrives in a complex, compliance-driven healthcare environment where uptime and patient data protection are paramount.


Top Must Have’s:

•           Primary expertise in Forescout

•           Palo Alto and tertiary F5 – preferred

•           Forescout (control plane), Palo Alto (enforcement), F5 (application layer), Identity protocols (access) and SIEM (visibility)

Key Responsibilities:

  • Design, deploy, and manage Forescout-based Network Access Control (NAC) infrastructure across enterprise and clinical environments
  • Develop and enforce device visibility, classification, and policy enforcement for managed, unmanaged, and IoT/medical devices
  • Author and maintain comprehensive technical documentation, standard operating procedures (SOPs), runbooks, and network security policies
  • Conduct architecture reviews and lead network security improvement initiatives in alignment with HIPAA, HITECH, and NIST frameworks
  • Collaborate with infrastructure, clinical engineering, and IT teams to ensure secure network segmentation and least-privilege access
  • Monitor network security events, investigate anomalies, and drive remediation efforts in coordination with the SOC team
  • Manage and maintain next-generation firewall infrastructure (Palo Alto Networks preferred), including rule lifecycle management and threat prevention policy tuning
  • Support and administer F5 application delivery and security services including LTM/GTM, APM, and ASM/AWAF
  • Lead vendor engagements, coordinate with managed service partners, and serve as internal SME for network security technologies
  • Participate in on-call rotation and provide escalation support for critical network security incidents

 

Required Qualifications:

  • 5+ years of hands-on experience in network security engineering in enterprise environments
  • Deep expertise in Forescout Platform (formerly CounterACT), including:
  • eyeSight, eyeControl, and eyeSegment modules
  • Policy authoring, device classification, and enforcement actions
  • Integration with Active Directory, SIEM, and ticketing platforms
  • Deployment in large-scale, multi-site environments
  • Active Forescout certification (FCSS – Forescout Certified Security Specialist, or equivalent) required
  • Demonstrated ability to independently design and deliver full lifecycle NAC deployments — from architecture through implementation and documentation
  • Strong documentation skills: ability to produce clear, detailed SOPs, network diagrams, and policy documentation for both technical and non-technical audiences
  • Solid understanding of network fundamentals: VLANs, 802.1X, RADIUS, DHCP, DNS, routing, and switching
  • Experience working in regulated industries with exposure to HIPAA, HITECH, or similar compliance requirements
  • Bachelor's degree in Computer Science, Information Security, or equivalent practical experience