Firewall Engineer

Hello There

My name is Himanshu Sharma and I serve as the Recruitment Lead at Kanak-IT INC. I am reaching out to share an excellent career opportunity for the role of Firewall Engineer with our esteemed client. If you are interested then please share your updated resume at .

Job Description

Position: Firewall Engineer

Location: Linthicum MD Hybrid

The interview is in-person so kindly share candidates local to DMV area only.

Key Responsibilities:

• Perform routine migrations and upgrades of all Check Point firewalls and management servers to the latest supported firmware and software versions in a large-scale production environment.
• Configure and maintain Checkpoint High Availability (HA) clusters using ClusterXL and VRRP ensuring traffic synchronization and failover reliability.
• Deploy manage and troubleshoot Check Point SSL extender Mobile Access VPN and Remote Access VPN for secure access to DPSCS systems.
• Deploy manage and maintain the Harmony Endpoint Security Agent across endpoint devices.
• Configure HTTPS inspection certificates on the management station for outbound SSL inspection and encrypted traffic visibility.
• Create manage and optimize firewall rule bases including inline layers IPS policies NAT rules application control and URL filtering.
• Configure and manage more than 300 IPsec VPN tunnels with external partners including federal agencies private providers and local law enforcement.
• Provide Tier 3 support for over 20000 VPN users resolving authentication connectivity and software-related issues.
• Monitor firewall activity logs and integrate log forwarding with Splunk SIEM for real-time threat detection and compliance reporting.
• Manage internal CA certificates including renewals and deployment across Check Point systems.
• Plan and execute hardware refreshes for Check Point appliances to maintain lifecycle compliance and performance optimization.
• Conduct routine security reviews including IDS/IPS SFTP activity and user internet activity and coordinate with internal teams to resolve anomalies.
• Perform network forensics and incident analysis in response to security events escalating confirmed incidents as needed.
• Configure LAN DHCP and DNS services on Check Point edge firewalls for branch locations.
• Resolve change and incident management tickets through the DPSCS ticketing system.

Required Qualifications:

Education:

Bachelors Degree in Cybersecurity Information Technology or a related field.

Certifications:

Check Point Certified Security Administrator (CCSA) R80 or higher (Required)

Additional certifications (e.g. CCSE CISSP or relevant SIEM/vendor certifications) are a plus.

Experience:

• Minimum 8 years of experience in IT or Cybersecurity with a focus on security operations.
• Minimum 5 years of experience configuring and administering Check Point firewall technologies in large enterprise environments.
• Experience with IPsec IPsec VPNs GRE over IPsec and secure remote access technologies.
• Proven experience integrating firewall platforms with SIEM tools (e.g. Splunk).
• Previous experience in a government or public sector IT environment is preferred.

Technical Competencies:

• Expertise in Check Point firewalls including R80.40 R81.10 and R81.20 versions.
• Strong understanding of network protocols routing NAT and security policy enforcement.
• In-depth knowledge of firewall logs incident response procedures and policy auditing.
• Experience configuring and managing IPsec tunnels VPN gateways and access control for remote users.
• Familiarity with integrating and maintaining SIEM platforms like Splunk for log correlation and incident detection.
• Strong troubleshooting skills for network and security issues in complex distributed environments.