JOB DESCRIPTION
Senior Security Engineer
Job Description
Fortinet is looking for a Senior Security Engineer to join the Corporate Information Security team. This highly technical role is an integral part of the Fortinet’s security team that is responsible for the security of Fortinet’s corporate and research environments. This requires extensive and broad functional experience with Vulnerability Management, Compliance, IDS/IPS, switching, routing, firewall, VPN and content networking, across a wide range of complex architectures, platforms and mediums. The individual will helpin the secure deployment of Network systems and help in the maintenance of non-in-line Security systems and the administration of same in a mission-critical, 24/7 environment.
The ideal candidate should be able to document and articulate proposed designs to both technical peers and service stakeholders. This person is a dedicated self-starter with interest in security and networking technologies and willingness to take on complex issues and resolve them in a timely manner. The candidate will be customer focused with an acute sense of urgency in resolving issues that incur a service interruption. The applicant will have 5+ years of previous experience supporting a highly available Wide Area Network or Internet service with knowledge in OSPF and BGP routing on Cisco IOS, Juniper, or Fortinet devices and who is now looking forward to work on network and systems security challenges. Previous work with IOS based routers, switches and Layer-7 firewall (Fortinet, Checkpoint and/or Palo Alto firewalls, etc.) is a great plus as well as strong current Security Analysis experience for Linux and Windows-based systems.
We are seeking an intelligent, highly motivated, diligent and detail-oriented security engineer with an extensive background in networking and vulnerability management, who understands and enjoys cutting edge security technologies and has a passion for troubleshooting, learning, and sharing knowledge. A willingness and aptitude to learn pen-testing and automation capabilities is highly desired. This engineer will work in a team-oriented, fast-paced, flexible environment with a wide array of responsibilities across the organization. The person is expected to be a team player with good problem solving, organizational and verbal and written communication skills.
Responsibilities:
- Administer and operate the infrastructure Vulnerability Management platform in alignment with security standards and the Vulnerability Management program
- Lead the internal Fortinet products vulnerability management process for critical and exposed production systems
- Support security compliance programs (e.g., SOX, ISO 27001, SSAE�9)
- Develop and maintain configuration compliance tooling (firewalls, routers, hosts) and monitor standards deployment coverage
- Partner with system owners and operations teams to improve security posture, vulnerability remediation, and automated testing
- Initiate escalations for critical threats and vulnerabilities
- Maintain external attack surface definitions and continuously improve global IPAM data accuracy for both internal and external IP spaces
- Promote the security standards with IT and productions teams
- Help Monitor, optimize, troubleshoot, document, and otherwise �pamper� the network
- Review and continuously improve security standards, policies, and risk posture
- Conduct adhoc risk assessments, security reviews, and log analysis
- Design, implement, and support security tools, services, and infrastructure
- Evaluate emerging security technologies and threats
- Participate in incident response, SIEM event review, and network testing activities
- Automate operational tasks through scripting
- Provide onsite support for security infrastructure deployment and maintenance
- Maintain security operations documentation and support audits and capability assessments
Required Skills/Qualifications:
- At least 5 years hands-on work experience in IT networking and/or security engineering
- Strong foundation in network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, TLS, DNS, DHCP NetFlow, BGP, OSPF, IPv6 etc.)
- Knowledge of system security vulnerabilities and remediation techniques
- Solid experience and technical knowledge in security engineering, system and network security, authentication and security protocols, cryptography, application security
- Solid understanding in designing and deploying networks
- Knowledge of threat modeling or other risk identification techniques
- Knowledge of Network Design, Operation and Architecture principals (hardware, routing, switching, segmentation)
- Excellent written and verbal communication skills
- Excellent teamwork skills
- Results oriented, high energy, self-motivated
- Diligent and detail-oriented mindset
- A BS degree in Computer Science, Cyber Security, other tech-related degree, or equivalent experience
Strongly Desired Skills:
- Knowledge of Vulnerability Management and Compliance systems (e.g., RedSeal, Tenable, Qualys)
- Scripting skills (e.g., Rust, Python, or shell scripting)
- Experience in vulnerability testing and auditing
- Familiarity with regulatory and legal requirements
- Familiarity with compliance frameworks for data management such as ITIL, ISO 27001/27002, COBIT, NIST, PCI or SSAE-16, Sarbanes-Oxley
- CISSP, GIAC (GPEN, GCIH, GCFA, etc.), CEH certification or equivalent preferred
- Experience in OS security hardening preferred
- Knowledge of IDS/IPS and SIEM system is a plus
The US base salary range for this full-time position is $216,000-$264,000. Fortinet offers employees a variety of benefits, including medical, dental, vision, life and disability insurance, 401(k), 11 paid holidays, vacation time, and sick time, as well as a comprehensive leave program.
Wage ranges are based on various factors, including the labour market, job type, and job level. Exact salary offers will be determined by factors such as the candidate's subject knowledge, skill level, qualifications, experience, and geographic location.
All roles are eligible to participate in the Fortinet equity program. Bonus eligibility is reviewed at the time of hire and annually at the Company�9s discretion.
Must be authorized to work in the U.S. without sponsorship.
