Information Security Analyst

Job description

Join Fortinet, a cybersecurity pioneer with over two decades of excellence, as we continue to shape the future of cybersecurity and redefine the intersection of networking and security. At Fortinet, our mission is to safeguard people, devices, and data everywhere

The Fortinet Team is seeking a highly technical Information Security Analyst to join the Information Security Operation team in Burnaby site. The role will perform daily security operation activities by monitoring alerts, investigating abnormalities, responding incidents, scan and patch vulnerabilities, performing system hardening, and ensuring Fortinet global infrastructure remains impenetrable.

Job Responsibilities:

• Work with services operations team and R&D to protect Fortinet private services and cloud infrastructure.

• Conduct security monitoring on and vulnerability scan to our Management Information System and FortiGuard system worldwide.

• Analyze security event and leverage SOAR to automate triage and resolution. 

• Lead the cyber security incident response lifecycle—from initial investigation and countermeasures to recovery and post-mortem analysis.

• Work with service operation teams to maintain up-to-date asset inventory, perform regular hardening using CIS Benchmarks to ensure compliance with ISO27001. 

• Participate in risk assessment, internal and external audit and disaster recover drill.

Skills and Qualifications:

• 3+ years of experience in a dedicated Information Security Analyst role.

• Comprehensive understanding of Linux and Windows, Containers (K8s), and protocols (TCP/IP, SSL, LDAP, RADIUS, SAML and REST API).

• SOC/NOC experience is essential. Working knowledge of information security control technologies including vulnerability management, SIEM/log management, access control, Firewall, EDR and WAF related technologies such as IPS, antivirus, DLP and FIM etc..

• Hands-on experience with FortiSIEM, FortiAnalyzer, and FortiSOAR (or equivalent enterprise SIEM and SOAR tools) are required.

• Hands-on experiences on vulnerability scanners such as Nessus, Burp or other similar tools are required. Be able to apply CIS benchmark to hardening the Linux and Windows servers.

• Working knowledge and experience on public cloud security and CNAPP tools such as AWS GuardDuty, Inspector and Lacework are desirable.

• Familiarity with programming language of Python/Jinja and HTML/JavaScript and capability to develop SOAR automation playbooks or scripts will be highly valued.

• Previous experience on system-level security evaluation and consulting, reporting of 0-day vulnerability on any service/system is a valuable asset.

• Knowledge and experience working with various information security frameworks (ISO/IEC 27001, NIST 800-53, etc.) and regulatory frameworks (HIPAA, GDPR, etc.) are desirable.

Soft Skills:

• Quick learner and independent research ability

• High responsibility and time sensitive on duties

• Effective communication skill

• Target driven and efficient working style

• Strong organization and time-management skills

• Keen attention to details

Educational & Certification Requirements:

• Bachelor's degree in Computer Science, Information Security, Electrical Engineering or related field;

• A certification in one or more of the following is strongly desirable:

  • NSE, CISSP, CCSP

About Our Team:

Join our team, known for its collaborative ethos, working seamlessly with global customers, internal engineering teams and product development groups. Our team culture emphasizes continuous learning, innovation, and a strong commitment to customer satisfaction. We embrace Fortinet’s core values of openness, teamwork and innovation, fostering an environment where team members support each other, share knowledge, and leverage AI to solve complex technical challenges. Our inclusive and dynamic team thrives on collaboration and is driven by the shared goal of maintaining Fortinet’s high standards of excellence in cybersecurity solutions.

Why Join Us:

We encourage candidates from all backgrounds and identities to apply. We offer a supportive work environment and a competitive Total Rewards package to support you with your overall health and financial well-being. 

Embark on a challenging, enjoyable, and rewarding career journey with Fortinet. Join us in bringing solutions that make a meaningful and lasting impact to our 660,000+ customers around the globe.

The Canada base salary range for this full-time position is expected to be between $83,600 - $102,200 annually.  Wage ranges are based on various factors including the labour market, job type, and job level.  Exact salary offers will be determined by factors such as the candidate’s subject knowledge, skill level, qualifications, and experience. 

Fortinet strives to provide you and your family with a comprehensive benefits package. Benefits eligibility starts on your first day of hire and comprises of 100% company paid medical, dental, and vision coverage, including a Health Spending Account and a Personal Spending Account that gives you flexibility to spend where you need it the most. Our Employee & Family Assistance Plan (EFAP) offers you and your family access to various services like counseling, legal advice, mental health resources etc. We also provide critical illness, disability, and life insurance, as well as a Group Registered Retirement Savings Plan (RRSP) with a company match to help you save faster for retirement. We offer competitive Paid Time Off and flexible leave policies, including paid health days, to help you take care of yourself and your family members.

All roles are eligible to participate in the Fortinet equity program.  Bonus eligibility is reviewed at time of hire and annually at the Company’s discretion.