Senior Security Engineer

Fortinet•Sunnyvale, CA

19h

About The Position

Fortinet is looking for a Senior Security Engineer to join the Corporate Information Security team. This highly technical role is an integral part of the Fortinet’s security team that is responsible for the security of Fortinet’s corporate and research environments. This requires extensive and broad functional experience with Vulnerability Management, Compliance, IDS/IPS, switching, routing, firewall, VPN and content networking, across a wide range of complex architectures, platforms and mediums. The individual will help in the secure deployment of Network systems and help in the maintenance of non-in-line Security systems and the administration of same in a mission-critical, 24/7 environment. The ideal candidate should be able to document and articulate proposed designs to both technical peers and service stakeholders. This person is a dedicated self-starter with interest in security and networking technologies and willingness to take on complex issues and resolve them in a timely manner. The candidate will be customer focused with an acute sense of urgency in resolving issues that incur a service interruption. The applicant will have 5+ years of previous experience supporting a highly available Wide Area Network or Internet service with knowledge in OSPF and BGP routing on Cisco IOS, Juniper, or Fortinet devices and who is now looking forward to work on network and systems security challenges. Previous work with IOS based routers, switches and Layer-7 firewall (Fortinet, Checkpoint and/or Palo Alto firewalls, etc.) is a great plus as well as strong current Security Analysis experience for Linux and Windows-based systems. We are seeking an intelligent, highly motivated, diligent and detail-oriented security engineer with an extensive background in networking and vulnerability management, who understands and enjoys cutting edge security technologies and has a passion for troubleshooting, learning, and sharing knowledge. A willingness and aptitude to learn pen-testing and automation capabilities is highly desired. This engineer will work in a team-oriented, fast-paced, flexible environment with a wide array of responsibilities across the organization. The person is expected to be a team player with good problem solving, organizational and verbal and written communication skills.

Requirements

At least 5 years hands-on work experience in IT networking and/or security engineering
Strong foundation in network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, TLS, DNS, DHCP NetFlow, BGP, OSPF, IPv6 etc.)
Knowledge of system security vulnerabilities and remediation techniques
Solid experience and technical knowledge in security engineering, system and network security, authentication and security protocols, cryptography, application security
Solid understanding in designing and deploying networks
Knowledge of threat modeling or other risk identification techniques
Knowledge of Network Design, Operation and Architecture principals (hardware, routing, switching, segmentation)
Excellent written and verbal communication skills
Excellent teamwork skills
Results oriented, high energy, self-motivated
Diligent and detail-oriented mindset
A BS degree in Computer Science, Cyber Security, other tech-related degree, or equivalent experience

Nice To Haves

Knowledge of Vulnerability Management and Compliance systems (e.g., RedSeal, Tenable, Qualys)
Scripting skills (e.g., Rust, Python, or shell scripting)
Experience in vulnerability testing and auditing
Familiarity with regulatory and legal requirements
Familiarity with compliance frameworks for data management such as ITIL, ISO 27001/27002, COBIT, NIST, PCI or SSAE-16, Sarbanes-Oxley
CISSP, GIAC (GPEN, GCIH, GCFA, etc.), CEH certification or equivalent preferred
Experience in OS security hardening preferred
Knowledge of IDS/IPS and SIEM system is a plus
A willingness and aptitude to learn pen-testing and automation capabilities is highly desired.

Responsibilities

Administer and operate the infrastructure Vulnerability Management platform in alignment with security standards and the Vulnerability Management program
Lead the internal Fortinet products vulnerability management process for critical and exposed production systems
Support security compliance programs (e.g., SOX, ISO 27001, SSAE‑16)
Develop and maintain configuration compliance tooling (firewalls, routers, hosts) and monitor standards deployment coverage
Partner with system owners and operations teams to improve security posture, vulnerability remediation, and automated testing
Initiate escalations for critical threats and vulnerabilities
Maintain external attack surface definitions and continuously improve global IPAM data accuracy for both internal and external IP spaces
Promote the security standards with IT and productions teams
Help Monitor, optimize, troubleshoot, document, and otherwise ‘pamper’ the network
Review and continuously improve security standards, policies, and risk posture
Conduct ad‑hoc risk assessments, security reviews, and log analysis
Design, implement, and support security tools, services, and infrastructure
Evaluate emerging security technologies and threats
Participate in incident response, SIEM event review, and network testing activities
Automate operational tasks through scripting
Provide on‑site support for security infrastructure deployment and maintenance
Maintain security operations documentation and support audits and capability assessments

Benefits

medical, dental, vision, life and disability insurance
401(k)
11 paid holidays
vacation time
sick time
comprehensive leave program
All roles are eligible to participate in the Fortinet equity program.
Bonus eligibility is reviewed at the time of hire and annually at the Company’s discretion.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume