Fortinet is looking for a Senior Cloud Security Engineer to join the Corporate Information Security team. This is a highly technical role, with responsibilities for designing, implementing, maintaining and monitoring security and compliance of cloud assets, and responding to cyber security incidents.
Key Responsibilities:
- Develop strategies, evaluate solutions, design and implement tools, processes and controls to ensure that security and privacy are designed in Fortinet cloud assets.
- Be a strong cloud security and privacy advocate.
- Monitor the security and compliance of cloud systems and networks and actively participate in responding to and investigating cyber security incidents.
- Engage system owners and provide expert guidance on the design, architecture and implementation of solutions to secure applications and services hosted in private and public clouds.
- Drive the implementation of Fortinet cloud security solutions.
- Be part of a global distributed team to shares knowledge, workload and assignments. Strong sense of teamwork is required. Coach peers in cloud security technologies and best practices.
- Support internal and external audit and compliance activities (e.g. SOX, ISO 27001, SOC 2, etc.).
- Work with other information security and IT staff to conduct risk and vulnerability assessments, penetration testing, and threat hunting exercises to anticipate and remediate security weaknesses.
Required Skills/Experience:
- Ten or more years of combined experience in network and systems administration, cloud engineering, operations and security roles.
- Solid knowledge and proven experience architecting and security with one or more of the most public popular cloud environments (AWS, Azure, GCP).
- Experience and functional knowledge of Firewalls, Switches/Routers and Network/System Intrusion Detection or Prevention Systems (IDS/IPS), WAF, anti-malware/virus, active directory, vulnerability assessment tools and other security tools found in large enterprise network.
- Strong security skills including understanding of information security technologies (Firewalls, WAF, IDS/IPS, SIEM, DNS, VPNs, etc) and associated protocols and standards. Proven hands-on experience with products from top security vendors.
- Experience with Fortinet products, an advantage. DevOps/SecOps experience a plus.
- Experience with working in a Computer Security Incident Response Team (CSIRT) or Security Operations Center (SOC) preferred.
- Programming/scripting skills (e.g. Python, Java, Go, Rust, shell scripts, PowerShell, CLI, bash, PERL, etc.) and hands-on Linux experience.
- Familiarity with legal and regulatory requirements, data security standards and frameworks such as ISO 27001/27002, NIST, PCI, HIPAA, SOX.
- Demonstrate strong communications, analytical, problem solving, and decision-making skills that can contribute towards the resolution of any issue that arises.
Wage ranges are based on various factors including the labor market, job type, and job level. Exact salary offers will be determined by factors such as the candidate's subject knowledge, skill level, qualifications, experience, and geographic location.