¡Has copiado correctamente la URL del trabajo en el portapapeles!

Detalles del empleo 

Tipo de empleo: 

Full-Time

Ubicación:

Czechia, Praha

Categoría del empleo:

Information Systems

Número de empleo:

WD30273239

¡Has copiado correctamente la URL del trabajo en el portapapeles!

Comportamientos ganadores de Johnson Controls

Nos concentramos en lo que importa

Ganamos como un solo equipo

Asumimos la responsabilidad del resultado

Mejoramos cada día

Descripción del empleo

What you will do

As part of the global Zero Trust team, you will serve as the strategic and technical owner of the enterprise Network Access Control (NAC) platform. Working within a shared-responsibility model, you will focus on defining security policies, driving 3rd-party integrations, and enhancing device visibility, while partnering with the Network team who manages the underlying infrastructure.

You will act as the design authority, defining the global Zero Trust network micro-segmentation strategy and driving cross-functional teams to execute it.

How you will do it

  • Zero Trust Segmentation Pilots: Drive the end-to-end execution of network segmentation initiatives, transitioning from monitor-only phases to active enforcement via VLAN assignments and ACLs.

  • Dynamic Trust Profiling: Architect and refine the platform's Trust Model. Build multi-property assessments to accurately categorize a large-scale deployment of IT, IoT, and OT devices, effectively eliminating security blind spots for unmanaged assets.

  • Incident Response (IR) Quarantining: Partner with SecOps and IR teams to build automated, on-demand quarantining capabilities. Develop integrated workflows to instantly isolate rogue, compromised, or non-compliant endpoints.

  • Advanced Discovery & Integrations: Dictate requirements for enhanced network visibility (e.g., leveraging passive discovery techniques). Fully own the integration of the NAC platform with the broader security ecosystem, including EDR, MDM, ITSM, and cloud-based risk reporting tools.

  • Platform Governance & Automation: Design and enforce granular Role-Based Access Control (RBAC) to ensure the Principle of Least Privilege. Develop automated workflows (via REST APIs or low-code platforms) to streamline operations and aggressively reduce manual MAC address whitelisting.

What we look for

Required

  • Strong hands-on engineering experience with enterprise NAC platforms (Forescout or Cisco ISE), specifically focused on advanced policy creation and device profiling.

  • Deep understanding of Zero Trust Architecture, IoT/OT device classification, and building "Semi-Trust" logic for unmanaged network assets.

  • Ability to act as a technical authority, defining security policies and collaborating effectively with network infrastructure teams to execute changes.

  • Solid knowledge of core network security concepts, including network segmentation, VLAN assignments, 802.1X, RADIUS, and DHCP/SNMP protocols.

Preferred

  • Relevant NAC Certifications (e.g., Forescout FSCA/FSCP or Cisco ISE equivalent).

  • Familiarity with NAC cloud-based reporting, vulnerability data enrichment, and risk-based security scoring.

  • Experience leveraging REST APIs to build automated security response workflows and integrating with asset management or security tools.

About Us

Johnson Controls, a global leader in thermal management, mission-critical building systems, energy efficiency, and decarbonization, helps customers use energy more productively, reduce carbon emissions, and operate with the precision and resilience required in rapidly expanding industries such as data centers, healthcare, pharmaceuticals, advanced manufacturing, and higher education.

For more than 140 years, Johnson Controls has delivered performance where it really matters. Backed by advanced technology, lifecycle services and an industry-leading field organization, we elevate customer performance, turn goals into real-world results and help move society forward.

We are committed to diversity and inclusion and believe that different perspectives make us stronger. By encouraging open dialogue and valuing individuality, we strive to be one of the most desirable places to work.

#LI-BB1

#LI-Hybrid

Mantente actualizado con las últimas oportunidades

Subscríbete a nuestro boletín de empleo para recibir las últimas actualizaciones sobre oportunidades profesionales, noticias de la empresa y perspectivas de la industria.

Subscríbete