Senior Security Engineer

Job Description

Senior Security Engineer

Fortinet (NASDAQ: FTNT) is a worldwide provider of network security appliances and a market leader in Network Security (FW/NGFW/UTM). Our products and subscription services provide broad, integrated, and high-performance protection against dynamic security threats while simplifying the IT security infrastructure.

Job Description

Fortinet is looking for a Senior Security Engineer to join the Corporate Information Security team. This highly technical role is an integral part of the Fortinet's security team that is responsible for the security of Fortinet's corporate and research environments. This requires extensive and broad functional experience with Vulnerability Management, Compliance, IDS/IPS, switching, routing, firewall, VPN and content networking, across a wide range of complex architectures, platforms and mediums. The individual will help in the secure deployment of Network systems and help in the maintenance of non-in-line Security systems and the administration of same in a mission-critical, 24/7 environment.

The ideal candidate should be able to document and articulate proposed designs to both technical peers and service stakeholders. This person is a dedicated self-starter with interest in security and networking technologies and willingness to take on complex issues and resolve them in a timely manner. The candidate will be customer focused with an acute sense of urgency in resolving issues that incur a service interruption. The applicant will have 5+ years of previous experience supporting a highly available Wide Area Network or Internet service with knowledge in OSPF and BGP routing on Cisco IOS, Juniper, or Fortinet devices and who is now looking forward to work on network and systems security challenges. Previous work with IOS based routers, switches and Layer-7 firewall (Fortinet, Checkpoint and/or Palo Alto firewalls, etc.) is a great plus as well as strong current Security Analysis experience for Linux and Windows-based systems.

We are seeking an intelligent, highly motivated, diligent and detail-oriented security engineer with an extensive background in networking and vulnerability management, who understands and enjoys cutting edge security technologies and has a passion for troubleshooting, learning, and sharing knowledge. A willingness and aptitude to learn pen-testing and automation capabilities is highly desired. This engineer will work in a team-oriented, fast-paced, flexible environment with a wide array of responsibilities across the organization. The person is expected to be a team player with good problem solving, organizational and verbal and written communication skills.

Responsibilities:

• Administer and operate the infrastructure Vulnerability Management platform in alignment with security standards and the Vulnerability Management program
• Lead the internal Fortinet products vulnerability management process for critical and exposed production systems
• Support security compliance programs (e.g., SOX, ISO 27001, SSAE-16)
• Develop and maintain configuration compliance tooling (firewalls, routers, hosts) and monitor standards deployment coverage
• Partner with system owners and operations teams to improve security posture, vulnerability remediation, and automated testing
• Initiate escalations for critical threats and vulnerabilities
• Maintain external attack surface definitions and continuously improve global IPAM data accuracy for both internal and external IP spaces
• Promote the security standards with IT and productions teams
• Help Monitor, optimize, troubleshoot, document, and otherwise 'pamper' the network
• Review and continuously improve security standards, policies, and risk posture
• Conduct ad-hoc risk assessments, security reviews, and log analysis
• Design, implement, and support security tools, services, and infrastructure
• Evaluate emerging security technologies and threats
• Participate in incident response, SIEM event review, and network testing activities
• Automate operational tasks through scripting
• Provide on-site support for security infrastructure deployment and maintenance
• Maintain security operations documentation and support audits and capability assessments

Required Skills/Qualifications:

• At least 5 years hands-on work experience in IT networking and/or security engineering
• Strong foundation in network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, TLS, DNS, DHCP NetFlow, BGP, OSPF, IPv6 etc.)
• Knowledge of system security vulnerabilities and remediation techniques
• Solid experience and technical knowledge in security engineering, system and network security, authentication and security protocols, cryptography, application security
• Solid understanding in designing and deploying networks
• Knowledge of threat modeling or other risk identification techniques
• Knowledge of Network Design, Operation and Architecture principals (hardware, routing, switching, segmentation)
• Excellent written and verbal communication skills
• Excellent teamwork skills
• Results oriented, high energy, self-motivated
• Diligent and detail-oriented mindset
• A BS degree in Computer Science, Cyber Security, other tech-related degree, or equivalent experience

Strongly Desired Skills:

• Knowledge of Vulnerability Management and Compliance systems (e.g., RedSeal, Tenable, Qualys)
• Scripting skills (e.g., Rust, Python, or shell scripting)
• Experience in vulnerability testing and auditing
• Familiarity with regulatory and legal requirements
• Familiarity with compliance frameworks for data management such as ITIL, ISO 27001/27002, COBIT, NIST, PCI or SSAE-16, Sarbanes-Oxley
• CISSP, GIAC (GPEN, GCIH, GCFA, etc.), CEH certification or equivalent preferred
• Experience in OS security hardening preferred
• Knowledge of IDS/IPS and SIEM system is a plus

The US base salary range for this full-time position is $216,000-$264,000. Fortinet offers employees a variety of benefits, including medical, dental, vision, life and disability insurance, 401(k), 11 paid holidays, vacation time, and sick time, as well as a comprehensive leave program.

Wage ranges are based on various factors, including the labour market, job type, and job level. Exact salary offers will be determined by factors such as the candidate's subject knowledge, skill level, qualifications, experience, and geographic location.

All roles are eligible to participate in the Fortinet equity program. Bonus eligibility is reviewed at the time of hire and annually at the Company's discretion.

Must be authorized to work in the U.S. without sponsorship.

Why Join Us:

We encourage candidates from all backgrounds and identities to apply. We offer a supportive work environment and a competitive Total Rewards package to support you with your overall health and financial well-being.

Embark on a challenging, enjoyable, and rewarding career journey with Fortinet. Join us in bringing solutions that make a meaningful and lasting impact to our 890,000+ customers around the globe.

About Us

Fortinet (NASDAQ: FTNT) secures the largest enterprise, service provider, and government organizations around the world. Fortinet empowers its customers with intelligent, seamless protection across the expanding attack surface and the power to take on ever-increasing performance requirements of the borderless network - today and into the future. Only the Fortinet Security Fabric architecture can deliver security without compromise to address the most critical security challenges, whether in networked, application, cloud or mobile environments. Fortinet ranks number one in the most security appliances shipped worldwide and more than 500,000 customers trust Fortinet to protect their businesses.

We are committed to providing reasonable accommodations for all qualified individuals with disabilities. If you require assistance or accommodation due to a disability, please contact us at

Fortinet is an equal opportunity employer. We value diversity in our company, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, age, military/veteran status or any other applicable legally protected characteristics in the location in which the candidate is applying.