Checkpoint Engineer

Title: Senior Network Security Engineer (Checkpoint)

Location: Houston, TX

Duration: Fulltime

Responsibilities:

• Deploy, configure, and manage Checkpoint firewalls (R80.x, R81.x) including policies, NAT, VPN, IPS, and threat prevention features.
• Manage security zones, access control policies, and URL filtering.
• Monitor and respond to security events and incidents related to firewalls and network devices.
• Perform log analysis, packet captures, and troubleshooting using tools like SmartConsole and SmartView.
• Perform regular firewall rule reviews to optimize security and ensure compliance with security best practices while ensuring business continuity.
• Work on Palo Alto firewalls (good to have) including Panorama, GlobalProtect, and security profiles.
• Manage and optimize traffic management using iRules and custom configurations on F5 devices.
• Architect and design Network Security solutions
• Ensure security of routing protocols (BGP, OSPF), VLANs, and load balancing across the network.
• Perform security assessments and audits to ensure compliance with organizational security policies.
• Involve in security audits, vulnerability assessments, and incident response to ensure network security compliance.
• Ensure security policies align with ISO 27001, NIST, SOC2, PCI-DSS, SOX standards.
• Monitor network performance and proactively address bottlenecks, latency issues, and security breaches.
• Maintain detailed documentation for firewall configurations, security policies, and network diagrams.

Requirements:

• 12 years of experience in Network Security Engineering.
• 6 years of strong experience in Checkpoint Firewall administration (R80.x, R81.x).
• Experience in log analysis, incident response, and security monitoring.
• Hands-on with VPNs (SSL/IPSec), NAT, IDS/IPS, Threat Prevention, and URL Filtering.
• Understanding of network protocols (TCP/IP, BGP, OSPF, VLANs, DHCP, DNS, NAT, SNMP, IPsec, GRE, VXLAN).
• Good to have experience with Palo Alto firewalls and Panorama.
• Experience with F5 Load Balancers (LTM, GTM, APM, ASM) is good to have.
• Knowledge of SIEM tools (Splunk, QRadar, Checkpoint SmartEvent) is a plus.
• Must have experience gathering security requirements and designing network security.
• Experience with automation and scripting (Python, Ansible, Terraform) is a plus.
• Preferred Certifications : Checkpoint Certified Security Expert (CCSE) or Checkpoint Certified Security Administrator (CCSA).
• Must have excellent understanding of security architecture and integration
• Good to have experience with cloud-based security solutions (AWS, Azure, Google Cloud Platform).
• Strong troubleshooting and analytical skills.
• Excellent communication and documentation skills.
• Ability to work independently and as part of a global security team.