Saxon Global
Checkpoint Firewall Engineer
Saxon Global, Chicago, Illinois, United States, 60290
Northern Trust Bank
Checkpoint Firewall Engineer
Chicago IL (Onsite W, TH, FRI)
** This will require work to be completed on the weekends (as needed)
** Most of this work is completed during the evening hours from Friday to Saturday (approx 4-6 hours) - overnight or early morning hours.
Overall project:
Fortify - FW Data Centre from End User Compute Edge
Contractor's Role : Checkpoint Firewall Engineer - Reporting to the Network Application Manager, the Firewall Engineer is seen as a technical expert in networking security (firewalls), API usage and integration, and threat management.
This is a technical and hands on role, with a primary focus on the holistic design and implementation of the Checkpoint Firewall solution. This specifically includes policy automation, threat policy management and troubleshooting, and API usage & integration. Will be expected to support the network engineering and global threat team(s) with complex troubleshooting of issues as required.
You will have experience of working in high impact, mission critical environments where service matters and exceeding expectations is the norm.
Required Skills:• Experience with Check Points API architecture to support automation and orchestration.• Has awareness of recent Checkpoint code levels and able to leverage modern features to solve problems• Has experience with firewall policy automation or leveraging Infrastructure as Code for deployments (Ansible/Terraform)• Has experience with Checkpoint IPS, AV and URL Filtering for threat management and troubleshooting• Describe the Check Point Firewall infrastructure. Create and modify Check Point Rule Base objects. Configuring new and maintaining Security Gateway Clusters.• Understand Smart Console features, functions, and tools. Validate existing licenses and contract requirements for Check Point security products. Monitor Management Server states. Grant permissions and user access.• Experience with Gaia system management procedures. Upgrading a Security Management Server• Understand system management procedures, including how to perform system upgrades and how to install hotfixes.• Familiarity with how Maestro uses Hyperscale Technology. Identify the essential components of the Maestro system• Experience with how the Maestro Orchestrators downlinks, uplinks, management, and sync ports function. Create, delete, and modify Security Groups• Understand the basics of the Dual-Site environment• Describe how the Gaia Command Line Interface (CLI) supports the configuration of MHO appliances• Perform diagnostic troubleshooting using the CLI• Evaluate how traffic flows through a Maestro environment• Demonstrate how to use traffic monitoring commands• Understands Checkpoint consumption of identity service for use in security rules• Understands, implement, and troubleshoot Checkpoint identity service• Advanced to expert capability of scripting in Python 2.7.
Preferred/ Recommended Skills:• Describe the Check Point Multi-Domain Security Management solution and its benefits.• Understand the components of MDSM and how they work together to help administrators manage multiple network security environments within a single management framework.• Understand how to install and configure the Multi-Domain Security Management environment.• Describe how to implement Management High Availability within the MDSM environment.• Understand how to manage and view multi-Domain activity logs in Smart Console.• Understand how to configure and implement Global Policy to manage rules for multiple domains
Daily Tasks & Responsibilities:- Understand Network- Leadership skills- Ability to respond quickly to inquiries
Required Skills : CheckPoint Firewall Policy Automation, or IaC via Ansible or Terraform CheckPoint IPS, AV, and URL Filtering24-Month ContractBackground Check :YesNotes :Selling points for candidate :24-Month ContractProject Verification Info :"The information provided below is for Apex Systems AV use only and is not to be distributed publicly, or to any third party. Any distribution of the below information will result in corrective action from Apex Systems Vendor Management. MSA: Blanket Approval Received Client Letter: Will Provide"Candidate must be your W2 Employee :YesExclusive to Apex :NoFace to face interview required :NoCandidate must be local :NoCandidate must be authorized to work without sponsorship ::NoInterview times set :YesType of project :Master Job Title :Branch Code :
Checkpoint Firewall Engineer
Chicago IL (Onsite W, TH, FRI)
** This will require work to be completed on the weekends (as needed)
** Most of this work is completed during the evening hours from Friday to Saturday (approx 4-6 hours) - overnight or early morning hours.
Overall project:
Fortify - FW Data Centre from End User Compute Edge
Contractor's Role : Checkpoint Firewall Engineer - Reporting to the Network Application Manager, the Firewall Engineer is seen as a technical expert in networking security (firewalls), API usage and integration, and threat management.
This is a technical and hands on role, with a primary focus on the holistic design and implementation of the Checkpoint Firewall solution. This specifically includes policy automation, threat policy management and troubleshooting, and API usage & integration. Will be expected to support the network engineering and global threat team(s) with complex troubleshooting of issues as required.
You will have experience of working in high impact, mission critical environments where service matters and exceeding expectations is the norm.
Required Skills:• Experience with Check Points API architecture to support automation and orchestration.• Has awareness of recent Checkpoint code levels and able to leverage modern features to solve problems• Has experience with firewall policy automation or leveraging Infrastructure as Code for deployments (Ansible/Terraform)• Has experience with Checkpoint IPS, AV and URL Filtering for threat management and troubleshooting• Describe the Check Point Firewall infrastructure. Create and modify Check Point Rule Base objects. Configuring new and maintaining Security Gateway Clusters.• Understand Smart Console features, functions, and tools. Validate existing licenses and contract requirements for Check Point security products. Monitor Management Server states. Grant permissions and user access.• Experience with Gaia system management procedures. Upgrading a Security Management Server• Understand system management procedures, including how to perform system upgrades and how to install hotfixes.• Familiarity with how Maestro uses Hyperscale Technology. Identify the essential components of the Maestro system• Experience with how the Maestro Orchestrators downlinks, uplinks, management, and sync ports function. Create, delete, and modify Security Groups• Understand the basics of the Dual-Site environment• Describe how the Gaia Command Line Interface (CLI) supports the configuration of MHO appliances• Perform diagnostic troubleshooting using the CLI• Evaluate how traffic flows through a Maestro environment• Demonstrate how to use traffic monitoring commands• Understands Checkpoint consumption of identity service for use in security rules• Understands, implement, and troubleshoot Checkpoint identity service• Advanced to expert capability of scripting in Python 2.7.
Preferred/ Recommended Skills:• Describe the Check Point Multi-Domain Security Management solution and its benefits.• Understand the components of MDSM and how they work together to help administrators manage multiple network security environments within a single management framework.• Understand how to install and configure the Multi-Domain Security Management environment.• Describe how to implement Management High Availability within the MDSM environment.• Understand how to manage and view multi-Domain activity logs in Smart Console.• Understand how to configure and implement Global Policy to manage rules for multiple domains
Daily Tasks & Responsibilities:- Understand Network- Leadership skills- Ability to respond quickly to inquiries
Required Skills : CheckPoint Firewall Policy Automation, or IaC via Ansible or Terraform CheckPoint IPS, AV, and URL Filtering24-Month ContractBackground Check :YesNotes :Selling points for candidate :24-Month ContractProject Verification Info :"The information provided below is for Apex Systems AV use only and is not to be distributed publicly, or to any third party. Any distribution of the below information will result in corrective action from Apex Systems Vendor Management. MSA: Blanket Approval Received Client Letter: Will Provide"Candidate must be your W2 Employee :YesExclusive to Apex :NoFace to face interview required :NoCandidate must be local :NoCandidate must be authorized to work without sponsorship ::NoInterview times set :YesType of project :Master Job Title :Branch Code :