L2 Network Security Engineer - Checkpoint Firewall (3-7 yrs)

Designation: L2_network Security Engineer Firewall- (checkpoint, Cisco Asa)

Location: Mahape _ Navi Mumbai

1. Monitoring of Firewall Status

2. Creation of users and permitting VPN users' access

3. Firewall policy Configuration Backups

4. Technical support coordination with OEM

7. Auditing logs & analysis of events, alerts.

8. Auditing & analysis of traffic statistics.

9. Auditing & analysis of Firewall health.

10. Monitoring of IPS, Antibot, Antispam, Antivirus, VPN

11. Fine-tuning of IPS signatures.

12. 24x7 device availability & performance monitoring.

13. Monitor report and audit non-compliances and provide remediation actions.

14. Performing version and patch updates

15. Rebuilding of management server in case of crash

16. Coordination with OEMs for product related issues and bugs, break fix & replacements.

17 Web Application Firewall (WAF)

18. Escalation and coordination with principles for problem resolution

19. Recommendation of WAF Policies

20. Risk Analysis and providing the mitigation plan

21. Configuring new servers and fine tuning the parameter

22. Continual Service Improvement Planning and executions

23. Incident/ Problem/ Change management

24. Parameter fine tuning as per the vulnerability assessment report

25. Troubleshooting issues related to Web Application Firewall Security connectivity and backend application servers

26. Custom protocol profile configurations for Web Application Firewall Security (addition/modification/ deletion)

End point Security :

1. Regular monitoring of update of antivirus signatures via console

2. Version up gradation of the agents and remote deployment of new agents

3. Discovering of the devices on central AV console Remove virus from in scope devices.

5. Diagnose and rectify any virus/malware/spyware problems which can be fixed by the antivirus tool.

6. Managing central AV' servers

7. Taking precautionary actions in terms of definition file updates and interim solutions released during the high alert situations

8. Troubleshooting virus related incidents

9. Reinstallation of endpoint security agent in case of uninstallation for troubleshooting/ event/incident.

10. Coordinate with the PC support team/ handle Antivirus queries/complaints from Branches

for Provision of updates/ installation package etc.

11. Virsec Agent installation on need basis.

12. Whitelisting/blacklisting the process/event generated from the server.

13. Putting the servers to prevention mode.

14. Trouble shooting of issues.

15. Raising troubleshooting ticket with OEM.

16. Working with TAC to resolve the issue, if any

17. For performance issues coordinate with server custodian

18. Service reporting on periodic basis (Daily, Weekly, Monthly)

19. Changes to be done based on threat feeds and change requests

20. Coordination with DC SOC team for any troubleshooting/upgrade activity for the security appliances at the DR site.