The world's trusted engineering network

Senior Network Security Engineer – Checkpoint

Security EngineerSecurity EngineerContractRemoteTeam 51-200Since 2006H1B No SponsorCompany Site LinkedIn

Location

United States

Posted

58 days ago

Salary

Not specified

6 yrs expEnglishAnsibleAWSAzureCloudDNSFirewallsGoogle Cloud PlatformKubernetesPythonSplunkSwitchingTcp/ipTerraform

Job Description

• Design, document, and implement secure network architectures, including segmentation (micro and macro), zero-trust principles, and secure remote access solutions. • Administer, configure, and troubleshoot our enterprise firewall infrastructure, with a primary focus on Check Point gateways (R-series, Maestro) and management suite. • Implement and support site-to-site and remote access VPN solutions. • Develop scripts (Python, Ansible, PowerShell, bash) and utilize APIs to automate repetitive tasks, enforce compliance, and streamline security operations. • Serve as an escalation point for security incidents. • Perform forensic analysis on network traffic and firewall logs to identify and remediate threats. • Ensure security configurations comply with internal policies and external regulations (e.g., PCI-DSS, ISO 27001, GDPR). • Deploy, configure, and maintain other critical network security technologies such as: Next-Generation Firewalls (e.g., Palo Alto Networks, Fortinet) Web Application Firewalls (WAF) Intrusion Detection/Prevention Systems (IDS/IPS) Proxy and content filtering solutions.

Job Requirements

6+ years of hands-on experience in network security engineering roles.
In-depth, hands-on experience (5+ years) with Check Point R80.x+ management and gateway administration.
Policy management, rule lifecycle, and complex NAT.
Check Point security blades and advanced threat prevention features.
Check Point ClusterXL and/or VSX technologies.
Expert understanding of TCP/IP, routing protocols (BGP, OSPF), switching, VPN technologies (IPsec, SSL), and DNS.
Strong grasp of security concepts: defense-in-depth, threat vectors, cryptography, AAA (RADIUS/TACACS+), and common attack methodologies.
Experience with scripting language (Python preferred, Ansible, Terraform).
Experience integrating on-premise security with public cloud environments (AWS, Azure, GCP) and securing cloud-native workloads.
Excellent verbal and written communication skills, with the ability to explain complex technical issues to both technical and non-technical audiences.
Check Point certifications (CCSA, CCSE) highly desirable.
Certifications from other vendors (PCNSE, NSE, CISSP, CISM, etc.).
Experience with SIEM integration and log analysis (Splunk, ArcSight, etc.).
Knowledge of container and Kubernetes security.
Experience in DevOps/SecOps environments.