Senior Penetration Tester

Join Fortinet, a cybersecurity pioneer with over two decades of excellence, as we continue to shape the future of cybersecurity and redefine the intersection of networking and security. At Fortinet, our mission is to safeguard people, devices, and data everywhere. We are currently seeking a dynamic Senior Penetration Tester to contribute to the success of our rapidly growing business.

You would act as Senior Penetration Tester for Cloud Information Security team. It is a highly technical role assisting the Information Security leadership with security test and evaluation activities. 

As a Senior Penetration Tester, your responsibilities will include: 

• Conduct regularly penetration tests and security evaluations on Fortinet cloud products, covering web applications and server backend under various authentication level to identify vulnerabilities and security risks.
• Investigating and Writing POCs for published vulnerabilities and help production team to evaluating the exploitability and risks.
• Participating in design and implementation of cloud security posture management system, primarily focusing on public IP scan and security exposure analysis
• Conduct security review on system design and functional design, review the security flaws in programming regularly.
• Red team activities, specifically on developing scripts and programs aiming to penetrate and infiltrate in scope systems and ICT technologies.
• Capable of collecting threat intelligence and evaluate/maintain Pentest tools

We are looking for: 

• 3+ years of dedicated experience in information security role with strong pen-tester practiced background (CVE, Pentest reports, Tech articles may be asked as proofs).
• Professional penetration test skills on information technologies including operation systems, software frameworks, database, web applications and networks.
• Strong knowledge of the fundamentals of web applications including. authentication, authorization, session management, HTTP protocol, web language, web server and browser architecture and implementation principle.
• Proficient programming ability with programming languages in order to conduct security code review and develop scripts and programs to help enrich security scan efficiency and penetration testing automation and dive in-depth ability. 
• Experience of software research and development is highly valued.
• Proven skills and expertise of using pen-test tools, e.g. Nessus, Burp Suite.
• Demonstrated Practices of using Kali Linux/Metasploit to craft POC for known vulnerabilities.

About Our Team:

Join our team, known for its collaborative ethos, working seamlessly with global customers, internal engineering teams and product development groups. Our team culture emphasizes continuous learning, innovation, and a strong commitment to customer satisfaction. We embrace Fortinet’s core values of openness, teamwork and innovation, fostering an environment where team members support each other, share knowledge, and leverage AI to solve complex technical challenges. Our inclusive and dynamic team thrives on collaboration and is driven by the shared goal of maintaining Fortinet’s high standards of excellence in cybersecurity solutions.

Why Join Us:

We encourage candidates from all backgrounds and identities to apply. We offer a supportive work environment and a competitive Total Rewards package to support you with your overall health and financial well-being. 

Embark on a challenging, enjoyable, and rewarding career journey with Fortinet. Join us in bringing solutions that make a meaningful and lasting impact to our 660,000+ customers around the globe.

The Canada base salary range for this full-time position is expected to be between $95,000 - $120,000 annually.  Wage ranges are based on various factors including the labour market, job type, and job level.  Exact salary offers will be determined by factors such as the candidate’s subject knowledge, skill level, qualifications, and experience. 

Fortinet strives to provide you and your family with a comprehensive benefits package. Benefits eligibility starts on your first day of hire and comprises of 100% company paid medical, dental, and vision coverage, including a Health Spending Account and a Personal Spending Account that gives you flexibility to spend where you need it the most. Our Employee & Family Assistance Plan (EFAP) offers you and your family access to various services like counseling, legal advice, mental health resources etc. We also provide critical illness, disability, and life insurance, as well as a Group Registered Retirement Savings Plan (RRSP) with a company match to help you save faster for retirement. We offer competitive Paid Time Off and flexible leave policies, including paid health days, to help you take care of yourself and your family members.

All roles are eligible to participate in the Fortinet equity program.  Bonus eligibility is reviewed at time of hire and annually at the Company’s discretion.