Firewall Subject Matter Expert (SME)

Position Overview
We are seeking a highly skilled Checkpoint Firewall Subject Matter Expert (SME) to join our team. The ideal candidate will bring multiple years of hands-on experience in designing, implementing, and maintaining enterprise-grade firewall solutions using Checkpoint technologies. This role requires deep technical expertise in firewall security, with the ability to serve as a trusted advisor and escalation point for complex issues.
In addition to firewall rule and policy management, the SME will be responsible for the deployment, tuning, and ongoing administration of Checkpoint management and logging servers, ensuring accurate visibility, reporting, and compliance.
This role also requires participation in a 24x7 support rotation, including the ability to respond to incidents and perform maintenance during off-hours as necessary to support mission-critical operations.
While not required, experience with GTP firewall policies and exposure to LTE/5G network environments will be considered a strong plus.

Key Responsibilities
Design, configure, implement, and optimize Checkpoint firewall solutions across enterprise and carrier-grade environments.
Manage, monitor, and maintain Checkpoint management servers (SmartCenter, Multi-Domain Management) and logging servers (SmartEvent, Log Server, Security Management) to ensure high availability, accurate event collection, and reporting.
Provide subject matter expertise for firewall policies, rule base design, and advanced security configurations.
Collaborate with cross-functional teams to evaluate business and technical requirements, ensuring secure and efficient network architecture.
Act as a senior escalation point for troubleshooting and resolving complex firewall/security-related issues.
Participate in a 24x7 on-call rotation, responding to incidents and performing urgent maintenance during off-hours.
Perform security audits, risk assessments, and compliance checks of firewall and logging configurations.
Develop and maintain documentation for security policies, procedures, and infrastructure.
Stay current with emerging security technologies, threats, and best practices in network and firewall security.
(Optional/Desired) Design and manage GTP firewall policies to support mobile network environments.
(Optional/Desired) Apply firewall expertise in LTE/5G infrastructures, ensuring security alignment with evolving telecom standards.

Required Qualifications
5+ years of hands-on experience with Checkpoint firewall technologies (R80.x and above preferred).
Strong knowledge of network security principles, firewall rule design, NAT, VPNs, and intrusion prevention.
Experience administering and troubleshooting Checkpoint management servers and logging infrastructure.
Familiarity with network protocols (TCP/IP, DNS, HTTP/S, BGP, OSPF, etc.).
Proven track record of implementing and managing large-scale firewall deployments.
Willingness and ability to support off-hours work and participate in a 24x7 on-call rotation.
Excellent analytical and problem-solving skills with strong attention to detail.
Strong communication skills to interact with both technical and business stakeholders.

Desired Qualifications
Experience with GTP firewall policies in mobile carrier environments.
Knowledge of LTE/5G architecture, protocols, and security considerations.
Checkpoint certifications (e.g., CCSA, CCSE, CCSM) are highly preferred.
Experience with automation, scripting, and orchestration tools for firewall and log management.
Prior work in telecom or mobile carrier environments is a plus.