About the position
Firewall Deployment & Configuration
- Install, configure, and maintain Check Point firewalls (R80.x, R81.x, Gaia OS).
- Define and manage security policies, NAT rules, and ACLs.
- Implement VPN solutions (Site-to-Site, Remote Access, SSL VPN).
- Configure Threat Prevention (IPS, Anti-Bot, Anti-Virus) and URL Filtering.
Firewall Management & Monitoring
- Administer Security Management Server (SMS) and Multi-Domain Server (MDS).
- Monitor logs and alerts using SmartView Tracker & SmartEvent.
- Perform policy optimization and rule cleanup.
- Manage ClusterXL (High Availability) and Load Balancing.
Security & Threat Management
- Respond to security incidents, intrusions, and malware threats.
- Apply Check Point updates and security patches.
- Support vulnerability assessments and penetration testing.
- Ensure compliance with PCI-DSS, NIST, ISO 27001.
Troubleshooting & Support
- Resolve connectivity, performance, and policy issues.
- Analyze packet captures and logs for root cause analysis.
- Provide Level 3 support for escalated issues.
- Collaborate with SOC/NOC teams for real-time threat response.
Automation & Optimization
- Automate firewall tasks using CLI, Bash, or Python scripts.
- Conduct tuning and capacity planning.
- Support Zero Trust and Micro-Segmentation implementation.
Documentation & Reporting
- Maintain firewall documentation and change logs.
- Generate reports on security events and compliance.
- Provide knowledge transfer to internal IT teams.
Cloud & Hybrid Security (Optional)
- Manage Check Point CloudGuard in AWS, Azure, or GCP.
- Integrate on-premise and cloud security frameworks.
Vendor & Stakeholder Coordination
- Work with Check Point TAC for critical escalations.
- Align firewall policies with business needs in collaboration with relevant stakeholders.
Education & Certifications
- Bachelor's degree in IT, Cybersecurity, or equivalent.
- Certification: CCSA or CCSE (preferred).
Technical Skills & Experience
- 3+ years with Check Point firewalls (R80.x, R81.x, Gaia OS).
- Strong grasp of NAT, VPN, Threat Prevention, URL Filtering.
- SMS/MDSM experience.
- Familiar with ClusterXL, VSX, CloudGuard.
- Networking and security knowledge (TCP/IP, DNS, BGP, OSPF, Zero Trust).
- Scripting (Bash, Python, CLI) experience is advantageous.
Soft Skills
- Strong analytical and troubleshooting skills.
- Documentation proficiency.
- SOC/NOC experience.
- Understanding of compliance frameworks (PCI-DSS, NIST, ISO 27001).
- Excellent communication and collaboration abilities.
Desired Skills:
- VPN
- Threat Prevention
- URL Filtering
- SMS/MDSM experience
- VSX
- CloudGuard
- DNS
- BGP
- OSPF
- Zero Trust)
- Bash
- Python
- CLI
- ClusterXL
- NAT
- analytical
- troubleshooting skills
- Documentation proficiency
- SOC/NOC
- PCI-DSS
- NIST
- ISO 27001
Desired Work Experience:
Desired Qualification Level:
