Network Security Cisco ASA Checkpoint

Plano, TX - USA

Monthly Salary: Not Disclosed

Posted on: 9 days ago

Vacancies: 1 Vacancy

Job Summary

Position Title: Network Security - Cisco ASA Checkpoint

Location: Plano TX ( 5 days Onsite); need only local profiles

Total Exp Required- 8--12 Years

Overview:
We are looking for a highly experienced SD-WAN Engineer to lead the design deployment and lifecycle management of software-defined WAN (SD-WAN) solutions across a BFSI-grade hybrid enterprise.

The role demands deep technical expertise in routing traffic engineering cloud integration and zero-touch provisioning with a strong focus on resiliency security and application performance.

Primary Technical Skills

SD-WAN Platforms: Hands-on experience with Cisco Viptela Fortinet Secure SD-WAN VMware VeloCloud and Silver Peak Unity EdgeConnect.
Routing Protocols: Advanced configuration and troubleshooting of BGP OSPF EIGRP and route redistribution across underlay and overlay networks.
Application-Aware Routing: Implementation of dynamic path selection DSCP-based prioritization and real-time traffic steering based on SLA metrics.
WAN Optimization: Deep understanding of deduplication compression TCP optimization and forward error correction (FEC).
SD-WAN Orchestration: Proficient in zero-touch provisioning (ZTP) template-based policy deployment and multi-tenant segmentation.
Cloud Integration: Design and deployment of direct cloud on-ramp to AWS Azure and GCP including ExpressRoute Transit Gateway and cloud-native firewalls.
Overlay Security: Implementation of IPSec tunnels IKEv2 certificate-based authentication and role-based access control (RBAC).
High Availability & Failover: Design of active-active/active-standby topologies dual CPE and path resiliency mechanisms.
QoS & Traffic Engineering: End-to-end QoS policy design shaping policing and per-app SLA enforcement.
Multicast & Voice Optimization: Support for multicast over SD-WAN VoIP prioritization and MOS-based routing decisions.

Secondary Technical Skills

Transport Diversity: Integration of MPLS broadband 5G/LTE and satellite links into SD-WAN fabric with path cost modeling.
Monitoring & Telemetry: Use of SolarWinds NetFlow SNMP traps and SD-WAN analytics dashboards for proactive monitoring and SLA validation.
Firewall & VPN Integration: Policy coordination with NGFWs (e.g. Fortinet Palo Alto) site-to-site VPNs and ZTNA gateways.
Automation & Scripting: Development of Python Ansible or REST API scripts for bulk provisioning compliance checks and config drift detection.
Network Segmentation: Design of VRF-based segmentation zone-based policies and microsegmentation across branches and data centers.
DNS & DHCP Integration: Centralized DHCP relay DNS forwarding and split-horizon DNS for hybrid environments.
Syslog & SIEM Integration: Forwarding of SD-WAN logs to SIEM platforms (e.g. Splunk QRadar) for event correlation and compliance auditing.
Cloud-Native Networking: Exposure to Transit Gateway Connect Azure Virtual WAN and GCP Cloud Router.
Policy-Based Forwarding (PBF): Use of match-action rules to steer traffic based on application source or destination.
Overlay-Underlay Correlation: Mapping of overlay tunnels to underlay health with real-time path remediation.

Required Experience

8 12 years in network engineering with 3 years in hands-on SD-WAN deployment operations and troubleshooting.
Proven experience in designing and scaling SD-WAN architectures across multi-branch BFSI environments.
Strong documentation skills: HLD/LLD runbooks change control and as-built diagrams.
Experience in regulated sectors (BFSI healthcare telecom) with emphasis on compliance audit readiness and risk mitigation.
Ability to lead cross-functional collaboration with security cloud and infrastructure teams.

Preferred Qualifications

Exposure to SASE/SSE convergence models including ZTNA SWG and CASB integration with SD-WAN.
Familiarity with cloud-native networking constructs and service chaining in hybrid environments.
Understanding of ITIL v4 processes: incident change and problem management.
Experience with DevNet NetDevOps or CI/CD pipelines for network automation.
Knowledge of compliance frameworks: ISO 27001 NIST 800-53 RBI PCI-DSS.

Position Title: Network Security - Cisco ASA Checkpoint Location: Plano TX ( 5 days Onsite); need only local profiles Total Exp Required- 8--12 Years Overview: We are looking for a highly experienced SD-WAN Engineer to lead the design deployment and lifecycle management of software-defined W...