Firewall Engineer - Checkpoint (Remote)

This position is remote but candidates must be local to the DC/Baltimore, MD area. Salary: $135,000 - 145,000/yearAs a Security Firewall Engineer, you will be responsible for the design, implementation, and management of Checkpoint firewalls and Web Application Firewalls (WAF). You will play a critical role in safeguarding our network infrastructure and applications against security threats, ensuring compliance with industry standards, and supporting our overall cybersecurity strategy.

Responsibilities

• Firewall Management:
• Design, configure, and maintain Checkpoint firewalls to ensure optimal performance and security.
• Monitor firewall logs and alerts, conducting regular reviews to identify and mitigate potential security threats.
• Implement and manage firewall rules and policies to control network traffic effectively.
• Web Application Firewall (WAF) Management:
• Deploy, configure, and manage WAF solutions to protect web applications from attacks such as SQL injection, cross-site scripting (XSS), and other vulnerabilities.
• Analyze WAF logs and traffic patterns to enhance security measures and optimize performance.
• Incident Response:
• Respond to security incidents involving firewalls and WAFs, conducting thorough investigations and implementing corrective actions as necessary.
• Collaborate with the security team to develop and update incident response plans related to firewall and application security.
• Documentation and Reporting:
• Maintain detailed documentation of firewall configurations, policies, and procedures.
• Prepare and present reports on firewall performance, incidents, and security posture to management and stakeholders.

Requirements

• Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• Proven experience working with Checkpoint firewalls and WAF solutions.
• Strong understanding of network security principles and best practices.
• Relevant certifications (e.g., Check Point Certified Security Expert (CCSE), Certified Information Systems Security Professional (CISSP), etc.) are preferred.
• Proficiency in network protocols, routing, and switching concepts.