Information Security Analyst - Burnaby, Canada - Fortinet

Fortinet

Verified Company

Burnaby, Canada

2 weeks ago

Posted by:

Sophia Lee

beBee Recruiter

Description

The Fortinet Team is looking for an Information Security Analyst to join the Information Security team for Burnaby site.

It is a highly technical role assisting the Information Security leadership with daily information security operation activities, both on an organizational and technical level.

Responsibilities:

Work with different teams including network operations and R&D to protect our private cloud infrastructure.
Oversee the cyber security incident response procedure, including investigation of, countermeasure to, and recovery from cyber security attacks, unauthorized access, and policy breaches; engage, interact and coordinate with other internal teams.
Review, and analyze security related logs; recognize problems by identifying abnormalities and investigate possible cause of being compromised.
Collect data from various security tools (FortiAnalyzer, SIEM) and use SOAR to drive security incidents triage, response and resolution.
Conduct security evaluation on our cloud services to show how vulnerabilities can be exploited to compromise the system to gain access, leaking data, privilege escalation, modify system configurations, create covered channels for later access in details
Work with service operation team to perform system hardening and compliance check on a regular basis to ensure our cloud service meet the requirements of ISO2700
Investigate events or incidents of apparent security breaches and report to appropriate authorities using corporate procedures.
Comprehensive understanding of computer systems, Databases, Applications (e.g. WEB, LDAP, RADIUS, REST API and SAML API.)

and network security:
including system vulnerabilities analysis and penetration testing.

Skills and Qualifications:

3+ years of experience in information security analyst/penetration tester role.
SOC/NOC experience desired. Working knowledge of information security control technologies including access control, cryptography, vulnerability management, SIEM/log management, ID/IPS.
Handson experience on FortiSIEM, FortiSOAR, and FortiAnalyzer is desirable.
Familiarity with programming language in C, Python, SQL and HTML/JavaScript will be a highly valued.
Previous experience on systemlevel security evaluation and consulting, reporting of 0day vulnerability on any service/system is an valuable asset.
Working knowledge of passive/offensive security testing tools including Nessus, NMAP, BURP, MetaSploit, and other tools included in Kali Linux.
Knowledge and experience working with various information security frameworks (ISO/IEC 27001, NIST 80053, COBIT, etc) and regulatory frameworks (SOX, PCI-DSS 3.2, HIPAA, GDPR, etc.)

Soft Skills:

Quick learner and independent research ability
High responsibility and time sensitive on duties
Target driven and efficient working style
Strong organization and timemanagement skills
Keen attention to details

Educational & Certification Requirements:

Bachelor's degree in Computer Science, Information Security, Electrical Engineering or related field;
A certification in one or more of the following is strongly desirable:
CCNA, CCNP, NSE
CISSP, CCSP
CEH, OSCP

GD

LI-LO1