- Firewall change requests -
Investigate and document changes needed to accomplish request from business line. This includes any Checkpoint firewall changes as well as router changes. Work with Information security to verify changes are actually needed and conform to company standards. Implement change request. Test with clients on the following day and work with client until change is successful. Maintain firewall change logs after every policy change.
- External Client change requests -
Investigate and document changes needed to accomplish request from business line. Work with Information security to verify changes are actually needed and conform to company standards. Implement change request. Test with clients on the following day and work with client until change is successful.
- DMZ creations in Firewall environment both internal and external -
Creating VLANs on ECR's for infrastructure connectivity as well as IDS connectivity. Creating VLANs on ICR's for server connectivity. Trunking VLANs down to server farm switches. Creating and installing Checkpoint objects for initial firewall policy. Modifying routing protocols as needed to accomplish network connectivity both internally and externally.
- Troubleshooting DMZ issues -
Troubleshoot connectivity issue as they arise in DMZ Silos. This includes access from Internet and Intranet to Web servers and other DMZ devices.
- Deployment of New installations and cutovers -
Interface with Deployment and customers. Assist and make recommendations on network design. Configure and deploy new devices. Troubleshoot connectivity issues and resolve them following company procedures.
- Troubleshooting External client connectivity -
Troubleshoot connectivity issue as they arise with external clients.
- Ensuring Network Management devices have access to company infrastructure -
Resolve any issues that do not allow network management devices to poll company infrastructure for any failures. Primarily but not limited to routing and filtering issues.
- Providing level3 support for network operations -
Assist Network Operations during production outages as well as knowledge base during their investigations.
Provide network system administration, security device installation, check point firewall deployment & solution, configuration, troubleshooting, debugging and support for global market data applications, financial systems and infrastructure involving high volume securities trading and financial transactions utilizing network management components/technologies such as P Networking, WAN, NAT, Cisco Routers/Switches/ACL, OSPF, BGP, Checkpoint firewalls, Juniper Firewalls, Proxies, TCP/IP, C programming and Unix Shell/Perl Scripts on Unix-based systems (Solaris, Linux, FreeBSD). Conduct root cause diagnosis & troubleshooting, perform enhancements, and implement solutions to firewall management platform, operating system, protocols and components. Review firewall logs and rule bases to ensure that security best practices are enforced. Develop and execute contingency plans for network software and hardware failures including isolated and major outages. Provide technical guidance to application developers and act as a liaison with traders on firewall solutions. Participate in network disaster recovery tests for the production network. Provide on-call support functions.
- IP Networking & WAN configuration
- NAT design and troubleshooting
- Cisco Routers/Switches
- Cisco ACL's
- UNIX systems - e.g. Solaris, Linux, FreeBSD
- Juniper Firewalls
- Checkpoint Appliances
- Firewall-1/VPN-1 R60 / R65 / R75.20
- Secure Platform NGX
- Provider-1 Smart Domain Manager
- Check Point software installation
- Check Point troubleshooting
- Check Point management server configuration and support
- Language requirement
- English (Fluent), Japanese (Conversation)