Hello There,
My name is Himanshu Sharma, and I serve as the Recruitment Lead at Kanak-IT INC. I am reaching out to share an excellent career opportunity for the role of Firewall Engineer with our esteemed client. If you are interested then please share your updated resume at Himanshu01@kanakits.com .
Job Description
Position: Firewall Engineer
Location: Linthicum, MD Hybrid
The interview is in-person, so kindly share candidates local to DMV area only.
Key Responsibilities:
- Perform routine migrations and upgrades of all Check Point firewalls and management servers to the latest supported firmware and software versions in a large-scale production environment.
- Configure and maintain Checkpoint High Availability (HA) clusters using ClusterXL and VRRP, ensuring traffic synchronization and failover reliability.
- Deploy, manage, and troubleshoot Check Point SSL extender, Mobile Access VPN, and Remote Access VPN for secure access to DPSCS systems.
- Deploy, manage, and maintain the Harmony Endpoint Security Agent across endpoint devices.
- Configure HTTPS inspection certificates on the management station for outbound SSL inspection and encrypted traffic visibility.
- Create, manage, and optimize firewall rule bases, including inline layers, IPS policies, NAT rules, application control, and URL filtering.
- Configure and manage more than 300+ IPsec VPN tunnels with external partners including federal agencies, private providers, and local law enforcement.
- Provide Tier 3 support for over 20,000 VPN users, resolving authentication, connectivity, and software-related issues.
- Monitor firewall activity logs and integrate log forwarding with Splunk SIEM for real-time threat detection and compliance reporting.
- Manage internal CA certificates, including renewals and deployment across Check Point systems.
- Plan and execute hardware refreshes for Check Point appliances to maintain lifecycle compliance and performance optimization.
- Conduct routine security reviews including IDS/IPS, SFTP activity, and user internet activity, and coordinate with internal teams to resolve anomalies.
- Perform network forensics and incident analysis in response to security events, escalating confirmed incidents as needed.
- Configure LAN, DHCP, and DNS services on Check Point edge firewalls for branch locations.
- Resolve change and incident management tickets through the DPSCS ticketing system.
Required Qualifications:
Education:
Bachelor’s Degree in Cybersecurity, Information Technology, or a related field.
Certifications:
Check Point Certified Security Administrator (CCSA), R80 or higher (Required)
Additional certifications (e.g., CCSE, CISSP, or relevant SIEM/vendor certifications) are a plus.
Experience:
- Minimum 8 years of experience in IT or Cybersecurity, with a focus on security operations.
- Minimum 5 years of experience configuring and administering Check Point firewall technologies in large enterprise environments.
- Experience with IPsec, IPsec VPNs, GRE over IPsec, and secure remote access technologies.
- Proven experience integrating firewall platforms with SIEM tools (e.g., Splunk).
- Previous experience in a government or public sector IT environment is preferred.
Technical Competencies:
- Expertise in Check Point firewalls, including R80.40, R81.10, and R81.20 versions.
- Strong understanding of network protocols, routing, NAT, and security policy enforcement.
- In-depth knowledge of firewall logs, incident response procedures, and policy auditing.
- Experience configuring and managing IPsec tunnels, VPN gateways, and access control for remote users.
- Familiarity with integrating and maintaining SIEM platforms like Splunk for log correlation and incident detection.
- Strong troubleshooting skills for network and security issues in complex, distributed environments.