Checkpoint Firewalls (NCS/Job/ 3930)

JD_Christie_ Lead Role F5 and Cisco ISE Key Responsibilities ·                    

  Manage and configure F5 BIG-IQ/BIG-IP LTM & AFM including VIPs, pools, profiles, and HA setup.

Develop and maintain iRules for routing, redirection, security filtering, and traffic control. Implement and manage AFM firewall policies including access control, geo-blocking, and DDoS protection. Perform application onboarding on F5 including VIP creation, SSL offloading, and validation. Handle SSL/TLS certificate lifecycle on F5, including installation, renewal, and troubleshooting. Plan and execute F5 upgrades, including pre-checks, backups, validation, and rollback. Administer Cisco ISE deployments including PAN, PSN, and monitoring nodes. Configure and troubleshoot Dot1x (802.1X) and MAB authentication for wired and wireless networks. Design and implement ISE authentication and authorization policies based on user/device profiles. Manage ISE certificate lifecycle for EAP authentication and system services. Perform Cisco ISE upgrades and patching with minimal impact to authentication services. Troubleshoot RADIUS, authentication, and endpoint connectivity issues using logs and live sessions. Monitor system health and validate configurations using logs, test endpoints, and dashboards. Prepare and execute change requests (CAB) with implementation, validation, and rollback plans.

Required Skills

Strong expertise in F5 BIG-IP LTM, AFM, and iRules (TCL) Hands-on experience with Cisco ISE, NAC deployments, and Dot1x (802.1X) Proficient in authentication protocols (RADIUS, AAA) and network security concepts Solid knowledge of TCP/IP, HTTP/HTTPS, DNS, and SSL/TLS Experience in application onboarding, traffic management, and policy enforcement Skilled in SSL/TLS certificate management (F5 & ISE – EAP, system certs) Expertise in ISE policy building (authentication & authorization) Experience in F5 and Cisco ISE upgrades, patching, and lifecycle management

Strong troubleshooting skills across network, security, and authentication flows Familiarity with Active Directory integration and endpoint profiling (ISE) Knowledge of AFM firewall policies, access control, and threat mitigation Experience with enterprise change management (ServiceNow/CAB processes) Exposure to Cisco FMC/FTD, SNMP, and monitoring tools (preferred) Firewall FMC/FTD Key

Responsibilities

 Manage, configure, and monitor Cisco FTD firewalls using FMC o         Perform firewall rule creation, modification, and optimization o         Handle L3 level troubleshooting (NAT, routing, VPN, application issues) Troubleshoot network and security issues related to firewall, NAT, and VPN Configure and maintain routing protocols (OSPF, BGP, Static Routing) Handle switching concepts (VLANs, STP, trunking, port security) Monitor firewall health, logs, and traffic (allow/block analysis) Perform NAT, ACL, and security policy validation Support incident management for P1/P2 network/security issues Coordinate with InfoSec and application teams for access requirements Implement and validate changes as per change management (CAB) process Perform firmware upgrades, patching, and HA (High Availability) monitoring Work on VPN technologies (Site-to-Site, Remote Access – AnyConnect) Ensure compliance with security policies and SLA requirement

Required Skills

 ● Strong experience in: ○ ○ Cisco FTD (Firepower Threat Defense) Cisco FMC (Firepower Management Center) Good knowledge of: ● ○ ○ ● Routing (OSPF, BGP, Static routes) Switching (VLANs, STP, trunking) Hands-on experience in: ○ ○ ● NAT, ACLs, VPNs Traffic flow analysis and packet troubleshooting Familiarity with: ○ ○ ● SNMP, Syslog, Network monitoring tools Firewall logs analysis (allow/drop packets) Understanding of: ○ ● ITIL process (Incident, Change, Problem management)