Network Security Engineer with Forescout experience - 100% onsite - Calance US - New York, NY

Position Overview

We are seeking an experienced Network Security Engineer for a contract-to-hire engagement with one of New York City's leading healthcare organizations. This is a hands-on, senior-level role responsible for the design, deployment, and ongoing operational excellence of our network access control and security infrastructure. The contract is expected to convert to a permanent full-time position for the right candidate. The ideal candidate brings deep technical expertise in Forescout and thrives in a complex, compliance-driven healthcare environment where uptime and patient data protection are paramount.

Key Responsibilities

Design, deploy, and manage Forescout-based Network Access Control (NAC) infrastructure across enterprise and clinical environments

Develop and enforce device visibility, classification, and policy enforcement for managed, unmanaged, and IoT/medical devices

Author and maintain comprehensive technical documentation, standard operating procedures (SOPs), runbooks, and network security policies

Conduct architecture reviews and lead network security improvement initiatives in alignment with HIPAA, HITECH, and NIST frameworks

Collaborate with infrastructure, clinical engineering, and IT teams to ensure secure network segmentation and least-privilege access

Monitor network security events, investigate anomalies, and drive remediation efforts in coordination with the SOC team

Manage and maintain next-generation firewall infrastructure (Palo Alto Networks preferred), including rule lifecycle management and threat prevention policy tuning

Support and administer F5 application delivery and security services including LTM/GTM, APM, and ASM/AWAF

Lead vendor engagements, coordinate with managed service partners, and serve as internal SME for network security technologies

Participate in on-call rotation and provide escalation support for critical network security incidents

Required Qualificat