Network Security Engineer – Check Point L3- Hybrid : Bangalore

Job Title-Network Security Engineer – L3 (Check Point Specialist)

Location-Bangalore, India

Employment Type-Full-time

Experience

Typically 5 + years (preferred 7-10 years) of hands-on experience in network security / firewall engineering, including Check Point firewalls & higher-level escalations.

Job Overview

We are seeking a seasoned Network Security Engineer (L3) with deep expertise in Check Point firewall platforms (CCSA / CCSE / CCNC) and enterprise network security operations. The ideal candidate will :

Serve as the escalation point for complex firewall / network security issues.

Lead the design, deployment, management and optimisation of Check Point security gateways / clusters.

Work closely with cross-functional teams (network, security, operations) to ensure high availability, performance and compliance.

Drive continuous improvement of security posture through advanced configurations, logging / forensics and threat mitigation.

Key Responsibilities

Configure, administer, optimise and troubleshoot Check Point firewall gateways, clusters (ClusterXL), VSX, SmartConsole, SmartEvent / SmartLog.

Modernise and upgrade Check Point environments (version upgrades, policy consolidation, rulebase optimisation).

Perform complex NAT, VPN (site-to-site, remote access SSL, IPsec), routing, dynamic routing integration with firewalls, high-availability failover configurations.

Manage firewall policies, access controls, zones, intrusion prevention (IPS), application control, URL filtering, SSL inspection, and advanced threat prevention on Check Point platforms.

Monitor, analyse and respond to security incidents involving Check Point firewalls; perform root cause analysis and remedial action.

Produce and maintain operational documentation : policy reviews, rulebase justification, incident reports, configuration baselines, change logs.

Collaborate with network / infra teams to ensure firewall integrations with routing, switching, WAN / SD-WAN, load-balancers and cloud connectivity.

Participate in architecture / design review for new security deployments, migrations from legacy firewalls (or from other vendors to Check Point).

Ensure compliance with internal security standards and external regulatory frameworks (eg. ISO 27001, NIST, PCI-DSS).

Mentor / guide L1 / L2 teams; drive automation or scripting (where applicable) to streamline firewall operations.

Liaise with vendor support for escalation of hardware / software issues, patches, hot-fixes, service packs.

Required Skills & Qualifications

Bachelor’s degree in Computer Science, Information Security or related field (or equivalent work experience).

Minimum 5-7 years (or 7-10 years preferred) of enterprise network security experience with Check Point firewalls (administration, clustering, migration, troubleshooting).

Possess or working towards certifications : CCSA, CCSE, ideally CCSE Firewall or CCSE NGX / CCSE UX, or equivalent.

Deep understanding of TCP / IP, BGP, OSPF, static routing, NAT, VLANs, switching, WAN technologies (MPLS / SD-WAN).

Strong VPN experience (IPsec, SSL), NAT, firewall rule design, policy management, intrusion prevention and detection.

Experience working in 24×7 operations support environment, escalated incident handling, root-cause analysis.

Familiarity with SIEM, log collection / analysis, threat intelligence, endpoint protection, and vulnerability management.

Excellent communication and documentation skills; ability to interact with stakeholders and present technical solutions.

Preferably experience in multi-site / data-centre environments, migrations from other firewall vendors, high-availability / cluster deployments.