NetworkSecurityEngineer

**What you will do** As part of Johnson Controls’ global Network Security Operations function, this role is responsible for the day-to-day operation, monitoring, support, and lifecycle management of the enterprise network security infrastructure on Level 1 and 2. The environment supports 1,000+ sites and 100,000+ users, including datacenters, manufacturing plants, sales offices, and customer contact centers. Technologies include Cisco, Fortinet, Zscaler, Silver Peak SD WAN, Akamai Guardicore, Tufin, Forescout NAC, Microsoft Azure, Google GCP, and related security platforms. **How you will do it** **Operational Support & Maintenance** * Operate and support enterprise Zero Trust platforms, primarily Forescout NAC and Infoblox DDI. * Perform daily monitoring, health checks, and troubleshooting of network access control services, DNS, and DHCP. * Manage network access exceptions, MAC address repository (MAR) whitelisting, and device compliance checks for corporate and BYOD/Guest networks. **Data Analytics & Asset Management** * Leverage data analytics skills to analyze, correlate, and reconcile asset data across Forescout, Infoblox, Axonius, and ServiceNow CMDB. * Assist in identifying, classifying, and managing the lifecycle of over 30,000 unmanaged, IoT, and OT devices across the global network. **Incident & Problem Management** * Respond to network access control incidents, including 802.1X/RADIUS authentication failures and Guest Captive Portal (JCI-Internet) loading issues. * Work collaboratively with the Network TOC, Service Desk, and field IT teams during security events or network service degradations. **Change & Configuration Management** * Implement approved access control rules, semi-trust policies, and network segmentation changes (VLAN assignments/ACLs) in production environments. * Execute DNS/DHCP configuration changes and IPAM updates following formal change management processes. **Automation & Continuous Improvement** * Identify opportunities to automat