Network Segmentation Operations
- Implement and manage segmentation across VLANs, subnets, and security zones (e.g., User, Server, OT/IoT, DMZ, Partner, PCI zones).
- Enforce zone-based policies (least privilege, deny-by-default); maintain an inter-zone matrix (who can talk to whom).
- Execute segmentation change requests: policy updates, NAT changes, and group membership changes.
- Maintain asset-to-zone mappings and tagging (e.g., using identity awareness / dynamic objects).
- Validate segmentation efficacy using test plans (ping/TCP checks, app flow validation).
- Solid understanding of TCP/IP, routing, VLANs, NAT, DNS, and VPN technologies.
- Proven experience in Network Segmentation / Micro-Segmentation projects.
- Experience performing Network Risk Analysis and mitigation planning.
Check Point Firewall Administration
- Configure, deploy, and manage Check Point Next-Generation Firewalls (NGFW) and related security gateways.
- Daily management in SmartConsole (R80.x): access policies, NAT, Application Control/URLF, IPS, Threat Prevention profiles.
- Manage Gateways & Clusters (Gaia OS): HA status, sync, failover readiness, VPN communities.
- Run policy verification (Hit counts, Unused/Shadowed rules, Rule order optimization).
- Maintain object hygiene: networks, hosts, groups, services, dynamic objects.
- Backups & snapshots of Gaia and SmartCenter; track policy revisions.
Monitoring & Incident Handling
- Monitor logs/SmartEvent for anomalies (deny spikes, drops, high CPU, connection table pressure).
- First responder for connectivity issues related to segmentation (blocked flows, NAT misconfiguration, asymmetric routing).
- Perform packet captures (fw monitor, tcpdump) and interpret rule-matching logic.
- Escalate to L3 with structured analysis (flow diagrams, rule references, timestamps, correlations).
Operational Excellence
- Execute change windows with pre/post validation and rollback plans.
- Keep runbooks and as-built documentation updated (zones, policies, rule intent).
- Support audits/compliance (PCI/SOX/ISO): evidence collection, rule attestation, policy reviews.
- Participate in the rule life-cycle: request → risk review → implement → recertify → retire.
Required Skills & Experience
Technical Skills
- Solid understanding of segmentation concepts: VLAN, VRF, DMZ, east-west vs north-south traffic, zero-trust principles.
- Hands-on with Check Point (R80.x): SmartConsole, Gaia CLI, policy layers, Threat Prevention, Identity Awareness.
- Networking fundamentals: TCP/IP, routing (static/OSPF/BGP basics), NAT (hide/static), HA clustering.
- Troubleshooting: fw monitor, tcpdump, log analysis, rule hit counts, connection table analysis.
- Familiarity with proxy/DNS/DHCP touchpoints for segmentation changes.
Experience
- 7-10 years in network security operations or firewall management.
- Exposure to enterprise-scale segmentation projects.
Certifications (Preferred)
- Check Point Certified Security Administrator (CCSA) or higher.
- CCNA/CCNP or equivalent networking certifications.