Network Security Engineer (Check Point Firewall, Zscaler (ZIA & ZPA), Cloudflare WAF,Aruba ClearPass)

Job Description – Network Security (L3)

Organizational Functions

• Manage day-to-day Operations according to customer environment
• Develop and implement network security architecture, policies, and procedures to protect against threats.
• Should be able to provide L3 level support on critical/Outage situation and drive end to end until the resolution.
• Good understanding of network protocols (HTTP, HTTPS, DNS, TCP/IP).
• Should have Strong expertise in:
  • Implementing and maintaining Checkpoint firewall and associated software module (VPN, URL Filtering, IPS etc.) infrastructure.
  • Should have good working experience on checkpoint VPN (S2S & Remote access).
  • Deep understanding of Cloudflare content delivery network (CDN) and security solutions, including web application firewalls (WAF), bot management, and DDoS protection.
  • Deep understanding of RADIUS, TACACS+, 802.1X, EAP methods, and networking protocols.
  • Installation and configuration of ClearPass Policy Manager (CPPM), including profiling, onboarding, and guest services.
  • Resolve complex authentication failures, latency issues, and TACACS+ service issues.
  • Proficiency with Zscaler tools (ZIA, ZPA, ZDX), packet capture analysis, and scripting languages (Python, PowerShell) for automation.
  • Design, implement, and tune ZIA/ZPA policies for roaming, branch, and third-party users, utilizing Zscaler''s cloud security concepts.
  • Resolve complex L2/L3 issues related to user connectivity, authentication (SAML, SCIM, Azure AD), and access flows.
  • Deep understanding of Zero Trust Network Access (ZTNA), Firewalls, and IPSec/SSL VPNs.
• Create and maintain comprehensive documentation related to network security infrastructure and procedures following the NIST and CIS standards.
• Identify the in-efficiencies in the operations and identify potential solutions to improve efficiency.
• Own and drive improvements in the areas of Operations, technology, Advisory and customer satisfaction.
• Stay up to date on emerging security threats, technologies, and industry trends.
• Manage and mentor a team of network security engineers and analysts.
• One should identify possible automation capabilities, their execution within the network security products and process and deliver across multiple customer environments.
• Should be cross-skilled across multiple technologies covering products like Firewalls, Web-Proxies, as well as cloud security products (AWS, Azure, Google Cloud Platform etc.)
• Should prepare weekly and monthly performance reports across multiple customer environments (people, technologies, Process Gaps, Risk, RAG status etc.)
• Should be able to conduct internal training to address the skill gap as well as motivate the team to do technical certifications.

Core Functions

• Focus on technologies and bring automation capabilities.
• Regular reporting on the state of the customer delivery.
• Maintain KPIs for the teams and report on Service Improvement Areas to senior management
• Identify risks and maintain compliance with submission of client-facing reports.
• Focus on industry-based practices and configuration and guide the team to follow the same.

Individual Performance Measurement Criteria

• Bring quality in service delivery and work on cross killing people to increase productivity.
• Quality and effectiveness in communications and engagement with stakeholders.
• Low / Zero Escalation from the customers
• Driving Innovation to improve Service standards & Quality.

Technical Skills

Proficiency Level

Understanding of the different security technologies, Experience in deploying, configuring and troubleshooting of

• Firewalls (Checkpoint)
• NAC – Aruba Clearpass
• Web application Firewall – Cloudflare
• Web-Proxy -Zscaler (ZIA/ZPA/ZDX)
• Email Security – Abnormal AI
• Load balancer – F5 BIG-IP

Experience in different Information Security Processes:

• Security Change Management
• Rule Base Reviews & Optimization
• Security Incident Management (Standard & Critical)

Understanding of different Security Architectures

Communication And Organizational Skills

• Good command of the English language, with excellent written and verbal skills.
• Proactive in communication and appropriate selection of audience according to topic.
• Highly organized and capable of tracking a variety of tasks to closure.
• Good time management principles and effective in prioritizing workloads.

Cultural Requirements

• Works collaboratively with other teams and builds positive working relationships
• Able to learn quickly and apply common sense to new situations, but understand when it is appropriate to engage others for advice
• Open and transparent style and approach when working with others
• Places a significant level of importance on personal & team development and understanding then improving upon weakness
• Accepting feedback from managers, peers, and clients regarding work performance
• Utilizes a goal-oriented approach, which drives self-improvement both personally and professionally and drives the teams.
• Takes the initiative to work on tasks outside of his or her immediate scope of responsibility and encourages others to do so.

Experience Required

• Minimum overall experience of 12 years.
• Minimum of 8 years'' experience in Information Security
• Minimum of 6 years'' experience in running a Security Operations Center for a large organization.

Certifications Required

• Industry-recognized certifications such as CCSA/CCSE, CCIE, or equivalent is highly desirable.

Education Qualifications

• Preferably Graduate with Science/Eng