Job Description

Hello There,

My name is Himanshu Sharma, and I serve as the Recruitment Lead at Kanak-IT INC. I am reaching out to share an excellent career opportunity for the role of Firewall Engineer with our esteemed client. If you are interested then please share your updated resume at Himanshu01@kanakits.com .

Position: Firewall Engineer

Location: Linthicum, MD Hybrid

The interview is in-person, so kindly share candidates local to DMV area only.

• Perform routine migrations and upgrades of all Check Point firewalls and management servers to the latest supported firmware and software versions in a large-scale production environment.
• Configure and maintain Checkpoint High Availability (HA) clusters using ClusterXL and VRRP, ensuring traffic synchronization and failover reliability.
• Deploy, manage, and troubleshoot Check Point SSL extender, Mobile Access VPN, and Remote Access VPN for secure access to DPSCS systems.
• Deploy, manage, and maintain the Harmony Endpoint Security Agent across endpoint devices.
• Configure inspection certificates on the management station for outbound SSL inspection and encrypted traffic visibility.
• Create, manage, and optimize firewall rule bases, including inline layers, IPS policies, NAT rules, application control, and URL filtering.
• Configure and manage more than 300+ IPsec VPN tunnels with external partners including federal agencies, private providers, and local law enforcement.
• Provide Tier 3 support for over 20,000 VPN users, resolving authentication, connectivity, and software-related issues.
• Monitor firewall activity logs and integrate log forwarding with Splunk SIEM for real-time threat detection and compliance reporting.
• Manage internal CA certificates, including renewals and deployment across Check Point systems.
• Plan and execute hardware refreshes for Check Point appliances to maintain lifecycle compliance and performance optimization.
• Conduct routine security reviews including IDS/IPS, SFTP activity, and user internet activity, and coordinate with internal teams to resolve anomalies.
• Perform network forensics and incident analysis in response to security events, escalating confirmed incidents as needed.
• Configure LAN, DHCP, and DNS services on Check Point edge firewalls for branch locations.
• Resolve change and incident management tickets through the DPSCS ticketing system.

Education:

Bachelor's Degree in Cybersecurity, Information Technology, or a related field.

Certifications:

Check Point Certified Security Administrator (CCSA), R80 or higher (Required)

Additional certifications (e.g., CCSE, CISSP, or relevant SIEM/vendor certifications) are a plus.

Experience:

• Minimum 8 years of experience in IT or Cybersecurity, with a focus on security operations.
• Minimum 5 years of experience configuring and administering Check Point firewall technologies in large enterprise environments.
• Experience with IPsec, IPsec VPNs, GRE over IPsec, and secure remote access technologies.
• Proven experience integrating firewall platforms with SIEM tools (e.g., Splunk).
• Previous experience in a government or public sector IT environment is preferred.

• Expertise in Check Point firewalls, including R80.40, R81.10, and R81.20 versions.
• Strong understanding of network protocols, routing, NAT, and security policy enforcement.
• In-depth knowledge of firewall logs, incident response procedures, and policy auditing.
• Experience configuring and managing IPsec tunnels, VPN gateways, and access control for remote users.
• Familiarity with integrating and maintaining SIEM platforms like Splunk for log correlation and incident detection.
• Strong troubleshooting skills for network and security issues in complex, distributed environments.

Job Tags

Similar Jobs