Sr. Firewall Engineer

Sr. Firewall Engineer Auto Club of Southern California is seeking a Senior Firewall Engineer to lead and support enterprise and cloud network security platforms across on-prem and cloud environments. What You’ll Do Lead the operation and support of enterprise firewall and network security platforms in a 24/7/365 environment Design, implement, and enforce firewall policies and security standards across on-prem and cloud environments Own and support Check Point (R80+), CloudGuard, VMware NSX-T / Distributed Firewall, and related platforms Secure cloud environments across AWS, Azure, and GCP Architect, implement, and maintain site-to-site and remote access VPN solutions Act as Tier 3 escalation for complex incidents, changes, and outages Partner with infrastructure, cloud, and security teams on secure designs and implementations Support audits, compliance initiatives, and maintain security documentation Mentor junior engineers and drive continuous improvement and best practices Participate in on-call rotation and provide off-hours support as needed What You’ll Have (Required) 6+ years of enterprise network or security engineering experience Strong hands-on firewall experience in production environments Deep expertise with Check Point firewalls (R80+) and VSX Strong Layer 2 / Layer 3 networking and TCP/IP troubleshooting skills Experience designing and supporting VPN solutions Cloud security experience with AWS, Azure, and/or GCP Experience supporting change management and incident response Solid understanding of core security concepts (authentication, authorization, access control) Ability to operate independently and lead during critical incidents Strong communication, documentation, and cross-team collaboration skills Nice to Have Experience with firewall policy management tools (AlgoSec, FireMon, or similar) Automation or scripting experience (Bash, Python, Ansible, Terraform) Familiarity with Governance, Risk, and Compliance (GRC) practices Experience in high-availability or large-scale enterprise environments Required Certifications Check Point CCSE Cisco CCNP AWS Certified Solutions Architect – Associate Preferred Certifications Advanced Check Point certifications (CCCS, CCMS, CCAS, CCVS, CCSM, CCME) VMware VCP / VCAP AWS Solutions Architect – Professional Azure Solutions Architect Google Professional Cloud Architect Cisco CCIE CISSP or CEH #LI-SS1 The starting pay range for this position is: $176,600.00 - $235,500.00 Additionally, for full time positions, you will be eligible to participate in our incentive program based upon the achievement of organization, team and personal performance. . Remarkable benefits: Health coverage for medical, dental, vision 401(K) saving plans with company match AND Pension Tuition assistance Floating holidays and PTO for community volunteer programs Paid parental leave Wellness programs Employee discounts (membership, insurance, travel, entertainment, services and more!) Auto Club Enterprises is the largest federation of AAA clubs in the nation. We have 14,000 employees in 21 states helping 17 million members. The strength of our organization is our employees. Bringing together and supporting different cultures, backgrounds, personalities, and strengths creates a team capable of delivering legendary, lifetime service to our members. When we embrace our diversity – we win. All of Us! With our national brand recognition, long-standing reputation since 1902, and constantly growing membership, we are seeking career-minded, service-driven professionals to join our team. “Through dedicated employees we proudly deliver legendary service and beneficial products that provide members peace of mind and value.” AAA is an Equal Opportunity Employer The Automobile Club of Southern California will consider for employment all qualified applicants, including those with criminal histories, in a manner consistent with the requirements of applicable federal, state, and local laws, including the City of Los Angeles’ Fair Chance Initiative for Hiring Ordinance (FCIHO), the Unincorporated Los Angeles County (ULAC) regulation, and the California Fair Chance Act (CFCA).