Castillians

Senior Network Security Engineer – Checkpoint

Castillians

contract

Posted on:

Location Type: Remote

Location: United States

Visit company website

Explore more

AI Apply
Apply

Job Level

Senior

Tech Stack

AnsibleAWSAzureCloudDNSFirewallsGoogle Cloud PlatformKubernetesPythonSplunkSwitchingTCP/IPTerraform

About the role

  • Design, document, and implement secure network architectures, including segmentation (micro and macro), zero-trust principles, and secure remote access solutions.
  • Administer, configure, and troubleshoot our enterprise firewall infrastructure, with a primary focus on Check Point gateways (R-series, Maestro) and management suite.
  • Implement and support site-to-site and remote access VPN solutions.
  • Develop scripts (Python, Ansible, PowerShell, bash) and utilize APIs to automate repetitive tasks, enforce compliance, and streamline security operations.
  • Serve as an escalation point for security incidents.
  • Perform forensic analysis on network traffic and firewall logs to identify and remediate threats.
  • Ensure security configurations comply with internal policies and external regulations (e.g., PCI-DSS, ISO 27001, GDPR).
  • Deploy, configure, and maintain other critical network security technologies such as: Next-Generation Firewalls (e.g., Palo Alto Networks, Fortinet) Web Application Firewalls (WAF) Intrusion Detection/Prevention Systems (IDS/IPS) Proxy and content filtering solutions.

Requirements

  • 6+ years of hands-on experience in network security engineering roles.
  • In-depth, hands-on experience (5+ years) with Check Point R80.x+ management and gateway administration.
  • Policy management, rule lifecycle, and complex NAT.
  • Check Point security blades and advanced threat prevention features.
  • Check Point ClusterXL and/or VSX technologies.
  • Expert understanding of TCP/IP, routing protocols (BGP, OSPF), switching, VPN technologies (IPsec, SSL), and DNS.
  • Strong grasp of security concepts: defense-in-depth, threat vectors, cryptography, AAA (RADIUS/TACACS+), and common attack methodologies.
  • Experience with scripting language (Python preferred, Ansible, Terraform).
  • Experience integrating on-premise security with public cloud environments (AWS, Azure, GCP) and securing cloud-native workloads.
  • Excellent verbal and written communication skills, with the ability to explain complex technical issues to both technical and non-technical audiences.
  • Check Point certifications (CCSA, CCSE) highly desirable.
  • Certifications from other vendors (PCNSE, NSE, CISSP, CISM, etc.).
  • Experience with SIEM integration and log analysis (Splunk, ArcSight, etc.).
  • Knowledge of container and Kubernetes security.
  • Experience in DevOps/SecOps environments.
Benefits
  • Clear scope with no ambiguity over deliverables.
  • Opportunity for repeat engagements based on performance.

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills
network security engineeringfirewall administrationVPN solutionsscripting (Python, Ansible, PowerShell, bash)forensic analysisTCP/IProuting protocols (BGP, OSPF)security concepts (defense-in-depth, threat vectors, cryptography)cloud security (AWS, Azure, GCP)DevOps/SecOps
Soft skills
communication skillsproblem-solvingescalation management
Certifications
Check Point CCSACheck Point CCSEPCNSENSECISSPCISM