Principal Network Security (Forescout NAC)

About Northern Trust:

Northern Trust a Fortune 500 company is a globally recognized award-winning financial institution that has been in continuous operation since 1889.

Northern Trust is proud to provide innovative financial services and guidance to the worlds most successful individuals families and institutions by remaining true to our enduring principles of service expertise and integrity. With more than 130 years of financial experience and over 22000 partners we serve the worlds most sophisticated clients using leading technology and exceptional service.

Title: Principal - Network Security (Forescout NAC)

The Role:

The Principal Network Security Engineer plays a pivotal role in safeguarding the organizations infrastructure by architecting deploying and managing advanced network security platforms. This is a high-impact position within a newly formed team dedicated to mission-critical initiatives where reliability resilience and exceeding expectations are standard. Were seeking a strategic thought leader and self-driven engineer with a deep security-first mindset and a strong sense of product ownershipsomeone who can lead the transformation and continuous evolution of our network security ecosystem in alignment with our business and cybersecurity objectives.

Key responsibilities:

As the product owner for Network Access Control (NAC) and Identity Services platforms the Principal Network Security Engineer will lead the strategic direction architecture and operational excellence of these technologies. This role demands a proactive security mindset and a deep sense of ownership to ensure the platforms are resilient scalable and aligned with enterprise security goals.

• Solution Architecture & Design
  Partner with cross-functional stakeholders to architect and deliver secure scalable solutions tailored to evolving business and security requirements.

• Deployment & Configuration
  Lead global deployment and configuration of NAC appliances and Identity Services platforms across data centers ensuring consistency reliability and compliance.

• Device Discovery & Profiling
  Implement advanced profiling techniques to identify and classify all network-connected devices enforcing access only for authorized and trusted endpoints.

• Policy Creation & Enforcement
  Define and enforce granular access control policies based on device posture driving network segmentation and strengthening the organizations security posture.

• Threat Detection & Response
  Monitor for anomalous device behavior and orchestrate automated responses to mitigate potential threats in real time.

• Compliance Management
  Leverage platform capabilities to ensure continuous compliance with internal standards and external regulatory requirements through robust reporting and audit trails.

• Security Ecosystem Integration
  Seamlessly integrate NAC and Identity platforms with next-gen firewalls SIEMs endpoint protection and other security tools to create a unified defense strategy.

• Customer Support & Enablement
  Provide expert-level support to internal teams manage escalations and deliver training to promote platform adoption and operational readiness.

• Automation & Orchestration
  Utilize modern development tools and GitOps practices to automate deployment configuration and lifecycle management of security platforms.

• Standards & Documentation
  Establish architectural patterns define operational standards and maintain comprehensive documentation using Confluence and to ensure transparency and repeatability.

Core Skills & Experience:

• Expert-level in NAC platform administration and configuration (Forescout preferred)

• Strong understanding of network security principles. CISSP certification is desired but not required

• Working experience deploying and operating Identity platforms (Cisco ISE preferred)

• Exposure to Microsoft Active Directory Microsoft Entra ID and LDAP

• Knowledge of network fundamentals (TCP/IP VLANs VRFs VPN Dynamic Routing). CCNP certification preferred

• Strong understanding of how Network and Security infrastructure operate at Layer 2 Layer 3 & Layer 4-7

• Knowledge of network authentication protocols including EAP/802.1x TACACS RADIUS OAuth

• Experience working with Public Key Infrastructure and tools (Venafi)

• Expert-level experience working with Linux Windows and MacOS operating systems

• Experience with scripting languages (Bash Python Perl Powershell) and IaC tools like Ansible or Terraform

• Proficient with packet data tools like Wireshark to perform deep-level forensic analysis

• Ability to perform security analysis using SIEM and Analytics tools (Azure Sentinel Log Analytics)

• Expert-level writing skills to create playbooks and standard operating procedures

• Experience with web APIs and data serialization languages (JSON YAML)

• Excellent problem-solving and troubleshooting abilities with an emphasis on security

• Strong communication skills to collaborate with technical and non-technical stakeholders

• Exposure to cloud service providers such as Azure or AWS

• Working experience with Next Generation Firewalls (Checkpoint Palo Alto) or host-based firewalls (Illumio)

• Good understanding of DNS DHCP and IPAM systems

• Previous experience at a financial organization is a plus

Certifications:

The following certifications are strongly preferred

FSCA - Forescout Certified Administrator

FSAA - Forescout Advanced Administrator

FSCE - Forescout Certified Engineer

Salary Range:

Salary range is a good faith estimate of base pay. Northern Trust provides a comprehensive benefits package including retirement benefits (401k and pension) health and welfare benefits (medical dental vision spending accounts and disability) paid time off parental and caregiver leave life & accident insurance and other voluntary and well-being benefits. Northern Trust also provides a discretionary bonus program that may include an equity component.

Working with Us:

As a Northern Trust partner greater achievements await. You will be part of a flexible and collaborative work culture in an organization where financial strength and stability is an asset that emboldens us to explore new ideas.

Movement within the organization is encouraged senior leaders are accessible and you can take pride in working for a company committed to assisting the communities we serve!Join a workplace with a greater purpose.

Wed love to learn more about how your interests and experience could be a fit with one of the worlds most admired and sustainable companies! Build your career with us andapply today.#MadeForGreater

Reasonable accommodation

Northern Trust is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation for any part of the employment process please email our HR Service Center at .

We hope youre excited about the role and the opportunity to work with us. We value an inclusive workplace and understand flexibility means different things to different people.

Apply today and talk to us about your flexible working requirements and together we can achieve greater.