Network Access Control (NAC) Specialist – L3

Job Title:

Location:

Department:

Job Purpose

advanced-level configuration, troubleshooting, and optimization of ForeScout NAC systems

end-to-end management of NAC operations, policy enforcement, compliance, incident resolution

Educational Qualification

• B.E / B.Tech in Electronics, Computer Science, or Information Technology from a reputed university or equivalent.
  

Experience

• Minimum 5+ years of experience in IT Service Management and Network Security Operations.
• Proven expertise in Incident, Problem, Change, and Vendor Management processes.
  

Certifications (Mandatory / Preferred)

• CCNA (mandatory), CCNP preferred or trained.
• FSCP Certified / Accredited (ForeScout Certified Professional) – mandatory or equivalent training.
• ITIL Foundation Certification preferred.
  

Core Technical Skillset

• Hands-on experience with ForeScout NAC – Enterprise Manager, CounterACT appliances, and policy configuration.
• Expertise in configuring and deploying policy enforcement rules and troubleshooting NAC posture failures.
• Strong understanding of Network Security concepts including 802.1X, certificate-based authentication, risk mitigation, and endpoint compliance.
• In-depth knowledge of Cisco and other OEMs’ network elements – routers, switches, WLCs, firewalls, and ACI fabrics.
• Strong working knowledge of the following tools and platforms:
• ForeScout, Cisco ISE, Cisco Prime, Splunk, Broadcom Spectrum (DX NetOps)
• CyberArk, Ansible, NetRequest, SPDW, Essas
• MS Office, ServiceNow, JIRA
  

Core Responsibilities

• NAC Operations & Incident Management
• Handle advanced troubleshooting of NAC systems, addressing server-level and enforcement issues.
• Perform root cause analysis (RCA) for recurring NAC incidents.
• Manage high-severity incident escalations and coordinate with customer L3/L4 or engineering teams.
• Ensure timely closure of NAC-related incidents, problems, and change requests using ITSM tools (ServiceNow, JIRA).
• Configuration & Policy Management
• Support new NAC configurations, upgrades, and migrations.
• Manage ForeScout policy engines for device classification, compliance, and access segmentation.
• Configure integration with switches, WLCs, and virtual machines using SNMP, SSH, or APIs.
• Troubleshoot and analyze posture validation failures, guest access, and 802.1X certificate issues.
• Compliance, Audit, and Reporting
• Conduct NAC policy audits and ensure compliance enforcement across network endpoints.
• Maintain account access compliance, perform alarm and event management, and manage system health checks.
• Generate performance and compliance reports (daily, weekly, and monthly).
• Manage and track NAC certificate renewals and integrations.
• Automation & Process Improvement
• Collaborate with automation teams to enhance monitoring and alerting systems.
• Support deployment of NAC automation scripts post-sign-off by engineering.
• Design and implement classification rules, plugins, and remediation workflows to optimize NAC performance.
• Identify and execute continuous improvement opportunities in NAC operations and incident processes.
• Documentation & Governance
• Create and maintain technical documentation, as-built network diagrams, inventory, and SOPs/runbooks.
• Participate in technical design reviews, policy governance, and advisory boards.
• Update knowledge bases and ITSM documentation with latest RCA findings and configuration updates.
  

Behavioral Competencies

• Strong communication and interpersonal skills (verbal & written).
• Proactive and customer-oriented mindset.
• Team player with cross-functional collaboration capability.
• Analytical thinker with a structured approach to troubleshooting.
• Willingness to work extended hours or rotational shifts during critical incidents.
  

Department Mapping

Primary Department:

Sub-Function:

Interfaces With

• Network Operations (NOC) & Security (SOC) Teams
• Automation & ITSM Teams
• Customer L3 / Engineering Teams
• Vendor Support (ForeScout, Cisco, Broadcom)