Need only local profile for Network Security - Cisco ASA Checkpoint in Plano TX ( 5 days Onsite)

[itsrec...@gmail.com]

 

 

Position Title: Network Security - Cisco ASA Checkpoint

Location: Plano TX ( 5 days Onsite) need only local profiles

Mode of Hiring: Contract C2C

 

Total Exp Required- 8--12 Years

No GC on C2C Please

 

Overview:
We are looking for a highly experienced SD-WAN Engineer to lead the design, deployment, and lifecycle management of software-defined WAN (SD-WAN) solutions across a BFSI-grade hybrid enterprise.

The role demands deep technical expertise in routing, traffic engineering, cloud integration, and zero-touch provisioning, with a strong focus on resiliency, security, and application performance.

 

Primary Technical Skills

• SD-WAN Platforms: Hands-on experience with Cisco Viptela, Fortinet Secure SD-WAN, VMware VeloCloud, and Silver Peak Unity EdgeConnect.
• Routing Protocols: Advanced configuration and troubleshooting of BGP, OSPF, EIGRP, and route redistribution across underlay and overlay networks.
• Application-Aware Routing: Implementation of dynamic path selection, DSCP-based prioritization, and real-time traffic steering based on SLA metrics.
• WAN Optimization: Deep understanding of deduplication, compression, TCP optimization, and forward error correction (FEC).
• SD-WAN Orchestration: Proficient in zero-touch provisioning (ZTP), template-based policy deployment, and multi-tenant segmentation.
• Cloud Integration: Design and deployment of direct cloud on-ramp to AWS, Azure, and GCP, including ExpressRoute, Transit Gateway, and cloud-native firewalls.
• Overlay Security: Implementation of IPSec tunnels, IKEv2, certificate-based authentication, and role-based access control (RBAC).
• High Availability & Failover: Design of active-active/active-standby topologies, dual CPE, and path resiliency mechanisms.
• QoS & Traffic Engineering: End-to-end QoS policy design, shaping, policing, and per-app SLA enforcement.
• Multicast & Voice Optimization: Support for multicast over SD-WAN, VoIP prioritization, and MOS-based routing decisions.

 

Secondary Technical Skills

• Transport Diversity: Integration of MPLS, broadband, 5G/LTE, and satellite links into SD-WAN fabric with path cost modeling.
• Monitoring & Telemetry: Use of SolarWinds, NetFlow, SNMP traps, and SD-WAN analytics dashboards for proactive monitoring and SLA validation.
• Firewall & VPN Integration: Policy coordination with NGFWs (e.g., Fortinet, Palo Alto), site-to-site VPNs, and ZTNA gateways.
• Automation & Scripting: Development of Python, Ansible, or REST API scripts for bulk provisioning, compliance checks, and config drift detection.
• Network Segmentation: Design of VRF-based segmentation, zone-based policies, and microsegmentation across branches and data centers.
• DNS & DHCP Integration: Centralized DHCP relay, DNS forwarding, and split-horizon DNS for hybrid environments.
• Syslog & SIEM Integration: Forwarding of SD-WAN logs to SIEM platforms (e.g., Splunk, QRadar) for event correlation and compliance auditing.
• Cloud-Native Networking: Exposure to Transit Gateway Connect, Azure Virtual WAN, and GCP Cloud Router.
• Policy-Based Forwarding (PBF): Use of match-action rules to steer traffic based on application, source, or destination.
• Overlay-Underlay Correlation: Mapping of overlay tunnels to underlay health, with real-time path remediation.

 

Required Experience

• 8–12 years in network engineering, with 3+ years in hands-on SD-WAN deployment, operations, and troubleshooting.
• Proven experience in designing and scaling SD-WAN architectures across multi-branch BFSI environments.
• Strong documentation skills: HLD/LLD, runbooks, change control, and as-built diagrams.
• Experience in regulated sectors (BFSI, healthcare, telecom) with emphasis on compliance, audit readiness, and risk mitigation.
• Ability to lead cross-functional collaboration with security, cloud, and infrastructure teams.

 

Preferred Qualifications

• Exposure to SASE/SSE convergence models, including ZTNA, SWG, and CASB integration with SD-WAN.
• Familiarity with cloud-native networking constructs and service chaining in hybrid environments.
• Understanding of ITIL v4 processes: incident, change, and problem management.
• Experience with DevNet, NetDevOps, or CI/CD pipelines for network automation.
• Knowledge of compliance frameworks: ISO 27001, NIST 800-53, RBI, PCI-DSS."