RESPONSIBILITIES: * Responsible for ongoing configuration changes, monitoring and maintenance for Checkpoint and Palo Alto, including installing and maintaining firewalls, creating, and optimizing rule base, global objects, IDS/IPS policies, and Panorama management systems * Analyze data, make recommendations for remedial action and/or security network enhancements based on detailed analysis and ensure proper communication of issues and/or recommendations to both technical and non-technical audiences. This includes remediation efforts for day to day reported trouble tickets from internal customers * Understanding adversarial Tactics, Techniques and Procedures (TTPs) and developing novel detection and prevention techniques across multiple environments including network, endpoint and applications, particularly through use of the bank SIEM solution * Monitoring events and alerts generated by firewalls, SIEMs, IDS and networking equipment * Systematically identify system security issues and determine root cause via a consistent, logical approach * In conjunction with senior engineers and technology management, define and drive security-based process improvements * Creating and/or maintaining security documentation including security architecture diagrams, procedures, and Bank security standards PROBLEM SOLVING & DECISION MAKING: * Must be able to synthesize multiple data points across several business and technical domains. * Must be analytical, well-organized, and self-directed. * Makes recommendations to manager on decisions of complex, multifaceted nature. * Independently drives and coordinates solutions to complex matters REQUIREMENTS: * Palo Alto PCNSE and/or ACE certified with 1+ years' experience (cert preferred) * Checkpoint CCSA or CCSE certified with 1+ years' experience (cert preferred) * CISSP a plus in addition to other network security certifications * Advaced level knowledge in designing and managing complex next gen firewall infrastructures to include firewall, IPSEC VPN and IPS/IDS, Advanced Networking, Acceleration & Clustering technologies * Excellent written and oral communications skills * Excellent interpersonal skills * Strong ability to produce technical documentation EDUCATION: * College degree or equivalent plus at least 1 year working as a security engineer/architect * Large scale enterprise and service provider networks * Experience with project management methodologies SKILLS/KNOWLEDGE: Solid Understanding of the following: * Network topologies / design: routing, switching, and MPLS/ELan technologies * Palo firewall technology, design, and administration * SIEM configuration and content development experience * Global load balancing technology design and support * IP networking (TCP/IP and packet analysis) * Network and system attack knowledge * Remote access design and implementation with various dual-factor authentication methods * Two factor Authentication systems * Advance Malware Protection Systems i.e. FireEye * Knowledge of LINUX and Windows system administration a plus Perks: * Remote work flexibility * Hire immediately * Growth opportunities * Great benefits * Strong culture * Work life balance