Technical Specialist, Checkpoint Security


Date expired: Thu, 03/15/2018

Experience Requirements: Not requirements

To provide security management, monitoring, administration and support services to the OB (Optus Business) clients – with a significant focus on Check Point technologies and devices.

An important aspect of this position is to provide security related technical leadership to Analysts within the team and provide proactive problem management, trend analysis and recommendations to continuously improve services to our managed security client. The team operates within an environment based on industry best practices for Service Management with ITIL being the framework to achieve this. The team also operates under structured managed service contracts and contractual Service Level Agreements.

This security role requires someone with advanced Check Point skills, including CCSA certification and preferably CCSE certification; Cisco security device skills are seen as a bonus. The role takes operational ownership of the security device management services that are offered to the client as part of our Security managed services. This position reports to the Sr. Operations Manager and will be available to assist on all OB clients. The principal purpose is to provide Tier 2 Security services (such as Request, Incident, Change and Problem management, along with service improvement).

Roles & Responsibilities:

  • To take operational ownership of the services that are being offered to Optus Business customers in the form of Managed Networks and Security Services.
  • Customer Experience:
    • Demonstrate professional, pro-active qualities in dealing with clients both internally and externally
    • Manage, monitor and maintain the integrity and performance of the internal, managed and hosted firewalls and associated security solutions
    • Complete monthly vulnerability reports to meet customer contracted requirements
    • Ensure customer security procedures, located on the intranet, are current for the security solutions being managed.
    • Assist in managing and auditing the adherence of the OB and its customers to all relevant security policies and directives.
    • Maintain security designs and documentation whenever a new solution or project creates or modifies these designs and/or documentation.
  • Security:
    • Manage incidents, problems, project transitions and follow up and implement MAC changes, particularly in the Check Point space
    • Accept security related technical escalations from the RDC Service Assurance Analysts and Security Analysts
    • Provide security related technical guidance, mentoring and skills transfer to RDC Service Assurance Analysts and Security Analysts
    • Collect and distribute security information for the OBTAC and customer managed environments.
    • Understanding and ability to perform recommendations on security design, especially around Check Point firewall architecture.
    • CCSA certification (CCSE seen very favourably)
    • GAiA – Design, implement, troubleshoot and remediate advanced Checkpoint solutions. Manage and optimise a large enterprise firewall environment. (SecureXL, ClusterXL, Multi-queue, VSLS, CPU affinity)
  • Continuous Improvement:
    • Maintain strategic operational partnerships and education and certification.
    • Complete training assigned
    • Keep abreast of relevant technology to improve service delivery
    • Identify areas for improvement
    • Identify areas of improvement in delivering managed services
    • Keep technical documentation for OB (Optus Business) and Optus clients up to date.
  • Compliance:
    • Maintaining high standards of technical and professional contribution to OB (Optus Business).
    • Review internal procedures and processes and ensure they adhere to ITIL best practices
    • Follow internal procedures and processes
  • Process and Procedure:
    • Understand and act within the change control systems of OB and its customers
    • Review security solution architecture designs and ensure that they meet the relevant security requirements for OBTAC management.
    • Assist in the development, implementation and maintenance of relevant OBTAC information security standards, plans, policies and standard operating procedures.
    • Escalate issues arising from non-adherence to relevant security policies to the Security Team Leader / IT Security Manager
    • Implement and maintain metrics to ensure that the performance or compliance to customer contracted security requirements are measured and reporting requirements are met.
    • Develop and maintain information security standards, plans, policies and operating procedures.
  • Handle Proactive Event Management (Managing Alarm/Event Management Platform) HPOVO and Solarwinds. Validating events and logging Incidents in Incident Management System.
  • Performing incident diagnostics, remote diagnostics of customer network and firewall devices upon receiving alarms for all capabilities in Managed Network Services (e.g. LAN/WAN/WAN X/Telco Carriage Products) and Managed Security Services (e.g. Perimeter firewalls, Juniper NSM).
  • Implement pre-authorised and standard MACs (Firewalls/RSA/LAN and WAN Port configuration). Carry out customer network redundancy and backup tests as scheduled.
  • Troubleshoot carriage & IP incidents across customer edge equipment, add & remove devices as needed into monitoring and reporting tools (e.g. Orion Solarwinds, HPOVO, Ciscoworks, Cisco ACS etc.).
  • Performing Service Desk duties in heavy workload including management of email requests/Dropbox, provide timely and effective Escalation Management as per EMC resolution management processes and update CMDB content as per RMA and Change process.

Required Skills & Experience:

  • Education and Qualifications:
    • Typically tertiary qualified (i.e. University Degree/Diploma) or relevant business/technical qualifications.
  • Work Experience:
    • Minimum 7 years’ experience as a Technical Specialist in a managed services or support role in an environment based on industry best practices for Service Management with ITIL framework to achieve this. Minimum of 5 years as a Check Point SME.
    • Experience in the implementation and support of Multi-protocol/Multi-platform and vendor environments.
    • Extensive experience in a senior security operations role.
    • Extensive experience supporting security solutions.
  • Technical / Professional Skills:
    • Check Point
    • CCSA certification (CCSE seen very favourably)
    • GAiA – Design, implement, troubleshoot and remediate advanced Checkpoint solutions. Manage and optimise a large enterprise firewall environment. (SecureXL, ClusterXL, Multi-queue, VSLS, CPU affinity)
    • IPS – Management of vulnerabilities and relevant signatures
    • Threat – analysis and remediation of detected threats
    • ID Awareness – Manage Active Directory integration and performance
    • Endpoint – Manage endpoint protection updates
    • VPN – Remote access and IPsec B2B VPN implementation and management
  • Non-Technical / Soft Skills:
    • Displays excellent teamwork skills and aptitude to guide/train others
    • Fluent in English both written and oral.
    • Excellent interpersonal skills to negotiate and communicate
    • Ability to perform under pressure
    • Flexibility in approach to problems and proposing options to solve problems.
    • Autonomous; Well organized; Sense of Urgency
    • Candidate must be willing to work on 24x7 shift pattern 

Preferred Skills & Experience:

  • Technical / Professional Skills:
    • Cisco ACI core network, Cisco Lancorpe, Cisco TrustSec, Cisco MSE and Cisco ISE technologies
    • Knowledge of firewall, IDS/IPS, VPN (IPsec and SSL) devices on configuration, implementation, management and troubleshooting.
    • Strong knowledge of F5 technology: LTM, GTM, ASM, APM
    • Sound knowledge of security issues on Windows and Linux-flavor systems
    • Good knowledge on Linux system configuration and management. Working knowledge of Linux scripting
    • Sound knowledge of AAA (TACACS, RADIUS etc) and identity management
    • RSA Server implementation/configuration/management
    • Sound working knowledge of common internet services such as DNS, SMTP etc
    • Working knowledge of WAN technologies such as Frame relay, ISDN, ATM etc
    • Good knowledge of LAN technologies on layer 2 and 3. Packet capture analysis
    • Symantec implementation, configuration and management
    • Good experience with risk and vulnerability assessments, prevention strategies and mitigations, including website related activities.
    • Implement security audit/assessment procedures and standards and conduct network security audits with any main vulnerability assessment product like Nessus.
    • Experience with SIEM solutions and systems such as ArcSight and/or SPLUNK
    • ACS; TACACS device access management
    • Plan and manage consolidating into ISE
    • ISE; Wireless Device Management; Design, implement and test improvements to NAC
    • RSA - Manage the RSA SecurID server environment
  • Other Task-Specific Knowledge:
    • ITIL Foundation Certificate

Let’s shape a better world through technology. Join us to lead the change.

Global Enterprise International Malaysia Sdn. Bhd. (GEIM)

Address: Level 16, Tower A Plaza 33, No.1 Jalan Kemajuan Seksyen 13, 46200 Petaling Jaya, Selangor Dahrul Ehsan, Malaysia
