Fortinet Team is looking for an Information Security Analyst to join Information Security team in Burnaby site. It is a highly technical role assisting the Information Security leadership with daily information security activities, both on an organizational and technical level.
Assist in developing, implementing and maintaining Information Security Management System (ISMS with applicable security policies, processes and practices). Ensure ISO 27001 compliance.
Conduct risk and privacy impact assessments to information systems and business processes. Implement risk treatment plan.
Collaborate with system administrators to ensure that appropriate controls are installed, operating properly, in accordance with the corporate policies. Conduct periodic audit.
Conduct vulnerability scans and system hardening.
Collect, review, and analyze security related logs; recognize problems by identifying abnormalities; reporting violations.
Investigate events or incidents of apparent security breaches and report to appropriate authorities using corporate procedures.
Ensure compliance to required standards, procedures, guidelines and processes.
Participate in audits related to security and compliance.
Skills and Qualifications:
3+ years of experience in an information security role.
Previous experience in an information system or network administration role.
Knowledge and experience working with various information security frameworks (ISO/IEC 27001, NIST 800-53, COBIT5, etc) and regulatory frameworks (SOX, PCI-DSS 3.2, HIPAA, GDPR, etc.)
Working knowledge of information security control technologies including access control, cryptography, vulnerability management, SIEM/log management, ID/IPS, and penetration test.
Working knowledge and hardening skills on information technologies including Linux, Windows, VMWare, MySQL, MSSQL, Oracle, etc.
Working knowledge of network protocols, DNS, and networking devices - routers, VPNs, proxies, firewalls.
SOC/NOC experience desired. Good verbal and written communication skills as well as attention to detail.
Demonstrate ability to engage and collaborate with employees, presenting a friendly, approachable demeanor to leverage security to help others succeed.
Educational & Certification Requirements:
Bachelors degree in Computer Science, Information Security or related field;
A certification in one or more of the following desirable:
ISO 27001 Lead-Audit