Senior Firewall Engineer

About The Position

Requirements

• Firewall Mastery, Advanced administration of Checkpoint Firewalls
• Deep knowledge of TCP/IP, NAT/PAT, BGP, OSPF, and SSL/TLS Inspection.
• Expert at using Wireshark, Splunk, and firewall auditing tools like Tufin.
• Experience managing security groups and virtual appliances in AWS or Azure.
• Integrating firewalls with Active Directory, LDAP, and MFA (SAML/Okta).
• Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate security and risk-related concepts to technical and nontechnical audiences.
• Strong presentation skills for communicating architectural designs to executive leadership.
• Organized and able to meet deadlines.
• 7+ years of dedicated experience in Network Security Engineering.
• Bachelor’s degree in IT, Networking, or a related field (equivalent experience accepted).

Nice To Haves

• Checkpoint: CCSE (highly preferred)
• General: CompTIA Security+ or Cisco CCNP Security.

Responsibilities

• Lead the installation and configuration of physical and virtual firewalls (NGFW) in data centers and cloud VPCs.
• Process high-complexity firewall change requests, ensuring that all changes are documented and follow the change management process.
• Manage and troubleshoot Site-to-Site (IPsec) and Client-to-Site (GlobalProtect/AnyConnect) VPN tunnels.
• Perform regular firmware upgrades, vulnerability patching, and hardware refreshes across the global estate.
• Use packet captures and flow analysis (Wireshark, tcpdump) to resolve connectivity issues that junior staff cannot solve.
• Develop scripts (Python/Ansible) to automate repetitive tasks like health checks or mass object creation.
• Act as a technical mentor for Junior/Mid-level SOC and Network Engineers.