Just an update folks,
our .NET managed client was attempting to negotiate a higher CipherSpec than what the MQ channel on their end was initially configured to support.
cf.SetStringProperty(XMSC.WMQ_SSL_CIPHER_SPEC, "TLS_RSA_WITH_AES_128_CBC_SHA256");
`

by updating the MQ channel configuration to use ANY_TLS12_OR_HIGHER, it resolved the issue.
The logs were quite visible at MQ queue manager level but on .NET side the logs were quite generic, strange.