Information Security Expert
Fortinet
- Burnaby, BC
- $81,000-110,000 per year
- Permanent
- Full-time
- Implement and maintain security controls such as firewall, SIEM, SOAR, anti-virus, etc.
- Analyze existing security systems and make recommendations for changes or improvements.
- Collect, review, and analyze security logs, identify abnormalities and violations, response to security incidents.
- Develop secure operation processes and playbooks.
- Perform vulnerability scan and follow up on the remediation.
- Define security baselines for systems and harden the systems accordingly.
- Coach and assist administrators, and users to ensure that appropriate controls are implemented and operating effectively in accordance with policies.
- Ensure compliance to required standards, procedures, guidelines and processes.
- 5+ years of experience in Information Technology or Information Security role.
- SOC/NOC experience desired. Working knowledge of information security control technologies including access control, cryptography, vulnerability management, SIEM/log management, ID/IPS, and penetration test.
- Hands-on experience on FortiSIEM, FortiSOAR, and FortiAnalyzer is desirable.
- Knowledge of Internet threat landscape and attacker motivations (phishing, malware, APT, DoS, etc.)
- Previous experience of at least one scripting language (e.g. Python, Groovy, Perl, Ruby, Shell scripting, etc.).
- Knowledge and experience working with various information security frameworks (ISO/IEC 27001, NIST 800-53, COBIT, etc) and regulatory frameworks (SOX, PCI-DSS 3.2, HIPAA, GDPR, etc.)
- Expertise in operating system knowledge/support related to security vulnerabilities.
- Working knowledge of network protocols, DNS, and networking devices - routers, VPNs, proxies, firewalls.
- Excellent verbal, written and interpersonal communication skills as well as attention to detail.
- Bachelor's degree in Computer Science, Information Security or related field;
- A certification in one or more of the following desirable: Fortinet NSE-8 and above, CISSP, CCNP, CCIE, RHCE, CEH, OSCP.