Check Point Firewall Engineer

Network Security Engineer

Insight Global is seeking a Network Security Engineer to join a specialized security team responsible for protecting enterprise network boundaries with Check Point firewalls as the primary security control. This role focuses on the design, administration, and operational support of Check Point firewall policy and IPS capabilities, while also supporting cloud-based security services and remote access platforms as complementary technologies.

The ideal candidate has strong hands-on experience with firewall operations and troubleshooting, a solid networking foundation, and the ability to support layered security architectures in a large enterprise environment. Responsibilities listed below:

Perimeter & Firewall Security (Primary Responsibilities)

• Administer, maintain, and optimize Check Point firewalls to ensure secure and reliable enterprise perimeter and internal network protection.
• Design, implement, and manage firewall security policies to enforce least-privilege access, segmentation, and secure traffic flows.
• Support security incident response efforts by analyzing firewall logs, traffic patterns, and threat prevention events.
• Troubleshoot complex network and security issues related to firewall policy behavior, traffic flows, NAT, and routing.
• Operate and maintain Check Point IPS, ensuring protections are enabled and aligned with organizational security standards.
• Participate in firewall architecture reviews, rulebase optimization, and planned changes to support evolving business and security requirements.

Cloud Security & Remote Access (Secondary Responsibilities)

• Support Zscaler Internet Access (ZIA) as the enterprise web proxy and content filtering platform.
• Assist with the deployment, configuration, and ongoing operation of Zscaler Private Access (ZPA) for zero-trust remote connectivity.
• Support enterprise deployment and health of the Zscaler Client Connector, including troubleshooting user connectivity issues.
• Use Zscaler Digital Experience (ZDX) to help identify performance and end-user experience issues.
• Maintain and troubleshoot Cisco AnyConnect/Cisco Secure Client VPN headends using Cisco Firepower Threat Defense (FTD) hardware as managed by Cisco Firepower Management Center (FMC) as a secondary VPN solution.
• Provide operational support for Cisco FTD in IDS use cases.

Compliance & Documentation

• Maintain accurate documentation, including security standards, SOPs, and network/security diagrams.
• Ensure firewall and security platform configurations align with the NIST Cybersecurity Framework.

Pay ranges on experience $45/hr - $60/hr

We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.

To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy.