Cloud Security jobs at Fortinet in Canada, Burnaby

Job Responsibilities:

• QA, validate and support the infrastructure of global private cloud.
• Design, execute and analyze the test scenarios, cases and results.
• Troubleshoot and resolve technical problems during QA progress, both individually and as part of the broader team.
• Focus on continuous improvement - always be looking for improvement, automation and optimization opportunities from the cloud product test tasks.
• Actively share knowledge across the team and support your peers.

Skills Required:

• Over 3 years of experience in private or public cloud platform validation and QA with the following knowledge and capabilities.
  • Execute feature, bug fix, performance or stability test cases by using a combination of manual and automated testing techniques and analyzing code.
  • Identify, document, and track software defects found during testing.
  • Select, execute and maintain automation test framework.
  • Design and develop comprehensive test cases and detailed test plan
• OpenStack experience preferred.
• Cloud Management System experience preferred.
• Linux server administration experience (RHEL, CentOS, Ubuntu, etc.).
• At least one programming/scripting language (Python, Bash, etc.).
• Excellent ability to analyze, identify, and resolve software issues.
• Excellent ability to organize, multitask, work individually and in a team.
• Excellent verbal and written communication skills.

The Canada base salary range for this full-time position is expected to be between $92,300 - $112,800 annually. Wage ranges are based on various factors including the labour market, job type, and job level. Exact salary offers will be determined by factors such as the candidate’s subject knowledge, skill level, qualifications, and experience.

As a Cloud Storage System Architect, you will

• Lead the architecture, deployment, and management of private cloud storage solutions using Ceph integrated with Kubernetes (via Rook or similar operators), OpenShift platforms and Openstack Cinder.
• Design and implement VM deployment on Kubernetes clusters or OpenShift Virtualization (KubeVirt), enabling unified management of containerized and virtualized workloads.
• Integrate Kubernetes environments with OpenStack and KVM virtualization infrastructures to support hybrid cloud strategies.
• Drive cloud migration initiatives, transitioning legacy systems and interdependent microservices to cloud-native, event-driven architectures with a focus on scalability and resiliency.
• Develop and maintain ML Ops pipelines and CI/CD workflows to automate machine learning model lifecycle management and application delivery, leveraging tools such as Jenkins, GitLab CI, and Ansible.
• Implement observability, telemetry, instrumentation, and monitoring frameworks to improve system reliability and reduce downtime.
• Collaborate with engineering, operations, and business stakeholders to align cloud infrastructure capabilities with organizational goals and regulatory requirements.
• Lead vendor management and cost optimization efforts to reduce technology spend while enhancing platform performance and security posture.
• Provide technical leadership, training, and mentorship to engineering teams on cloud technologies, DevOps best practices, and SRE principles.

We are Looking for:

• Extensive experience managing Ceph storage clusters integrated with Kubernetes/OpenShift/OpenStack for scalable block and object storage.
• Hands-on experience designing and implementing ML Ops pipelines and CI/CD automation to support developer workflows and accelerate model deployment.
• Proven expertise deploying and managing virtual machines on Kubernetes using OpenShift Virtualization/KubeVirt.
• Strong knowledge of OpenStack components (Nova, Neutron, Cinder) and KVM virtualization, and their integration with container orchestration platforms.
• Demonstrated success in leading cloud migration and modernization projects involving microservices and event-driven architectures. - Proficiency in scripting and automation tools such as Python, Ansible, Terraform, Jenkins, and GitLab CI.
• Deep understanding of Linux system administration, networking, security protocols, and regulatory compliance in cloud environments.
• Excellent leadership, communication, and stakeholder management skills with a track record of driving cross-functional initiatives and vendor negotiations.

Preferred Qualifications

• Experience with multi-cloud strategies and hybrid cloud platform integration (AWS, Azure, GCP).
• Familiarity with observability tools such as Prometheus, Grafana, and ELK stack.

The Canada base salary range for this full-time position is expected to be between $95,000 - $116,000 annually. Wage ranges are based on various factors including the labour market, job type, and job level. Exact salary offers will be determined by factors such as the candidate’s subject knowledge, skill level, qualifications, and experience.

This role focuses on supporting users in deploying services based on OpenStack and Kubernetes, resolving network-related issues, designing robust cloud network architectures, and enhancing infrastructure automation.You will collaborate with internal teams and clients to deliver scalable and secure cloud environments tailored to their needs.
⸻
•  Assist users in deploying services on OpenStack and Kubernetes platforms.
•  Troubleshoot and resolve user network issues across cloud environments.
•  Design and implement cloud network solutions including VLAN, VXLAN, and overlay networks.
•  Provide expert support for cloud infrastructure deployment, including automated script support.
•  Manage and maintain large-scale virtual and physical networks.
•  Support deployment and network design of cloud platforms, ensuring best practices and scalability.
•  Configure and manage networking devices, particularly FortiGate firewalls, switches, and routers.
•  Integrate and manage Kubernetes networking with CNI plugins.
•  Use Terraform to define, provision, and manage cloud infrastructure.
•  Work with OpenStack Neutron, OVN, and OVS for virtual network configurations.
•  Collaborate on troubleshooting and optimizing routing and switching protocols in complex environments.
⸻
Must-have Qualifications:
•  Strong understanding of network protocols, including TCP/IP, routing, and switching.
•  Hands-on experience with VLAN, VXLAN, and overlay networks.
•  Experience in configuring and managing network devices (especially FortiGate).
•  Proficiency with Terraform and infrastructure-as-code principles.
•  Practical experience with Kubernetes CNI and container networking.
•  Familiarity with OpenStack basic operations, especially networking components.
•  Strong analytical and problem-solving skills in complex network environments.
•  Ability to communicate technical concepts clearly with clients and internal teams.

The Canada base salary range for this full-time position is expected to be between $92,000 - $112,000 annually. Wage ranges are based on various factors including the labour market, job type, and job level. Exact salary offers will be determined by factors such as the candidate’s subject knowledge, skill level, qualifications, and experience.

Responsibilities

• Develop and enhance cloud security capabilities for CASB product, ensuring high availability and performance
• Implement Cloud Access Security Broker (CASB) features, such as cloud data protection, compliance enforcement, and threat detection
• Optimize SaaS platform architecture for security, scalability, and cost efficiency
• Work with DLP (Data Loss Prevention) and DSPM (Data Security Posture Management) teams to integrate security solutions
• Design and develop APIs and microservices to improve automation and system integrations
• Troubleshoot and optimize system performance, data processing, and security enforcement mechanisms

Requirements

• Bachelor’s degree in Computer Science, Software Engineering, or equivalent experience
• Three or more years of experience in cloud security development or SaaS application development
• Proficiency in Java and Python
• Strong knowledge of AWS services, including Lambda, API Gateway, DynamoDB, S3, Kinesis, IAM, and VPC
• Experience with Kubernetes, Docker, and microservices architecture
• Familiarity with OAuth, SAML, OpenID Connect, and Zero Trust security models
• Understanding of cloud security best practices and compliance frameworks such as GDPR, SOC2, and NIST
• Experience with SQL and NoSQL databases such as PostgreSQL, DynamoDB, and Elasticsearch
• Strong analytical skills and the ability to work efficiently in a distributed team environment
• Experience in data mining, anomaly detection, or predictive analytics, preferably in security or cloud environments

Preferred Qualifications

• Experience with security solutions such as CASB, DLP, SIEM
• Knowledge of Terraform, Ansible, and CI/CD pipelines
• Familiarity with large-scale data processing, stream analytics, and cloud security monitoring
• Background in identity and access management and cloud compliance

The Canada base salary range for this full-time position is expected to be between $105,000- $140,000 annually. Wage ranges are based on various factors including the labour market, job type, and job level. Exact salary offers will be determined by factors such as the candidate’s subject knowledge, skill level, qualifications, and experience.

As a Senior Penetration Tester, your responsibilities will include:

• Conduct regularly penetration tests and security evaluations on Fortinet cloud products, covering web applications and server backend under various authentication level to identify vulnerabilities and security risks.
• Investigating and Writing POCs for published vulnerabilities and help production team to evaluating the exploitability and risks.
• Participating in design and implementation of cloud security posture management system, primarily focusing on public IP scan and security exposure analysis
• Conduct security review on system design and functional design, review the security flaws in programming regularly.
• Red team activities, specifically on developing scripts and programs aiming to penetrate and infiltrate in scope systems and ICT technologies.
• Capable of collecting threat intelligence and evaluate/maintain Pentest tools

We are looking for:

• 3+ years of dedicated experience in information security role with strong pen-tester practiced background (CVE, Pentest reports, Tech articles may be asked as proofs).
• Professional penetration test skills on information technologies including operation systems, software frameworks, database, web applications and networks.
• Strong knowledge of the fundamentals of web applications including. authentication, authorization, session management, HTTP protocol, web language, web server and browser architecture and implementation principle.
• Proficient programming ability with programming languages in order to conduct security code review and develop scripts and programs to help enrich security scan efficiency and penetration testing automation and dive in-depth ability.
• Experience of software research and development is highly valued.
• Proven skills and expertise of using pen-test tools, e.g. Nessus, Burp Suite.
• Demonstrated Practices of using Kali Linux/Metasploit to craft POC for known vulnerabilities.

We encourage candidates from all backgrounds and identities to apply. We offer a supportive work environment and a competitive Total Rewards package to support you with your overall health and financial well-being.

The Canada base salary range for this full-time position is expected to be between $95,000 - $120,000 annually. Wage ranges are based on various factors including the labour market, job type, and job level. Exact salary offers will be determined by factors such as the candidate’s subject knowledge, skill level, qualifications, and experience.

Duties and Responsibilities:

1. Compliance Assessment:
   • Perform regular assessments and audits of the organization's security controls, policies, and procedures.
   • Identify potential vulnerabilities, risks, and compliance gaps through comprehensive reviews and analysis.
   • Evaluate compliance with relevant regulatory frameworks, such as SOC2, ISO27001, GDPR, HIPAA, PCI DSS, and others.
   • Collaborate with stakeholders to understand business requirements and ensure compliance measures align with industry standards.
2. Compliance Framework Development:
   • Develop and maintain an effective security compliance framework that aligns with organizational goals and objectives.
   • Create and update policies, standards, and guidelines to address emerging security threats and regulatory changes.
   • Design and implement security controls, procedures, and technical safeguards to ensure compliance across the organization.
3. Risk Assessment and Management:
   • Conduct risk assessments to identify potential security vulnerabilities and recommend appropriate risk mitigation strategies.
   • Collaborate with cross-functional teams to implement risk management frameworks and ensure compliance with risk management policies.
   • Provide guidance and support to stakeholders in understanding and addressing security-related risks.
   • Monitor and report on the effectiveness of risk mitigation strategies.
4. Documentation and Reporting:
   • Prepare comprehensive reports and documentation related to security compliance assessments, audits, and findings.
   • Maintain accurate records of compliance activities, audit results, and corrective actions taken.
   • Provide regular reports to management, stakeholders, and regulatory bodies as required.

Qualifications and Experience:

• Bachelor degree in Information Security/Systems, Computer/Electronic Engineering, Communications Engineering or related field, and eight (8) years of experience in information security, audit, compliance, risk management or related occupation
• Proven experience in security compliance, risk management, or a similar role
• In-depth knowledge of security standards, frameworks, and regulations (e.g., SOC2, ISO27001, GDPR, HIPAA, PCI DSS).
• Experience in design and implementation of information security policies and controls
• Experience with core security technologies such as security information and event monitoring systems (SIEM), firewalls, network and host intrusion prevention and detection systems, proxies, vulnerability scanners, and anti-virus solutions
• Experience with cloud security management
• Demonstrated ability to understand and interpret audit, as well as security requirements
• Superior interpersonal and communication skills
• One or more of the following certifications preferred: ISO 27001 LA, CISSP, CCSP, CISA, and PMP

The Canada base salary range for this full-time position is expected to be between $106,700 - $130,500 annually. Wage ranges are based on various factors including the labour market, job type, and job level. Exact salary offers will be determined by factors such as the candidate’s subject knowledge, skill level, qualifications, and experience.

Strategic Feature Planning & Innovation:

Establish a roadmap for the continuous evolution of the cloud architecture, ensuring a forward-looking approach that keeps the organization competitive.

Cloud Security Integration:

Integrate security best practices into all phases of cloud architecture design and implementation, from initial feature planning to deployment.

Implement cloud security frameworks, including Could Security Posture Management (CSPM), encryption, secure APIs, and incident response mechanisms.

Collaborate with the cybersecurity team to ensure compliance with regulatory requirements (e.g., SOC2, ISO27K, GDPR, HIPAA), performing regular audits and remediation.

Stakeholder Management:

Engage with executive leadership to communicate cloud strategy progress, emphasizing security integrations and new feature development outcomes.

Required Qualifications:

Bachelor’s degree in Computer Science, Information Technology, or a related field. Master’s degree preferred.

10+ years of experience in IT architecture, with a significant focus on cloud technology, feature planning, and security integration.

5+ years of experience in leadership roles managing teams of architects and engineers.

Expertise in public cloud platforms such as AWS, Azure, or Google Cloud, with a deep understanding of cloud-native services and feature development.

Deep expertise in OpenStack architecture, deployment, and management, with experience in networking, storage, compute, and orchestration within private cloud environments.

Strong understanding of hybrid cloud and multi-cloud strategies, including workload migration and interoperability across private and public clouds.

Demonstrated experience in cloud security design and integration, including CSPM, encryption, secure coding, and compliance frameworks.

Hands-on experience with cloud automation, DevSecOps, and CI/CD pipelines.

In-depth knowledge of security best practices and regulations, including SOC2, ISO27K GDPR, HIPAA, and others.

Proven ability to plan and execute complex cloud projects that involve new features, optimization, and security controls.

Preferred Skills:

Strong expertise in containerization technologies (e.g., Docker, Kubernetes) and microservices architectures within private cloud environments.

Experience with multi-cloud and private cloud architectures.

Excellent leadership, communication, and problem-solving skills with a track record of delivering complex cloud projects.

The Canada base salary range for this full-time position is expected to be between $160,000 - $180,000 annually. Wage ranges are based on various factors including the labour market, job type, and job level. Exact salary offers will be determined by factors such as the candidate’s subject knowledge, skill level, qualifications, and experience.