Information Security Analyst
Sunnyvale, CA, United States
Fortinet
Fortinet delivers cybersecurity everywhere you need it. We secure the entire digital attack surface from devices, data, and apps and from data center to home office. Join Fortinet, a cybersecurity pioneer with over two decades of excellence, as we continue to shape the future of cybersecurity and redefine the intersection of networking and security. At Fortinet, our mission is to safeguard people, devices, and data everywhere. We are currently seeking a dynamic Senior Information Security Analyst to contribute to the success of our rapidly growing government business.
You would act as an Information Security Analyst for the information security team. The ideal candidate will play a critical role in ensuring our organization adheres to security policies and compliance frameworks. The candidate should have expertise in policy governance, conducting risk assessments, managing third-party risks, conducting internal audits and implementing compliance frameworks and certifications such as NIST 800-53, StateRAMP and FedRAMP.
As an Information Security Analyst, your responsibilities will include:
- Policy Governance: Develop, review, and maintain IT security policies and procedures in alignment with industry standards and regulatory requirements.
- Risk Assessments: Conduct regular risk assessments to identify vulnerabilities, threats, and impacts to IT assets and operations. Evaluate the effectiveness of existing controls and recommend enhancements.
- Risk Management: Collaborate with various departments to develop and implement risk management strategies, including risk mitigation plans and monitoring processes.
- Third-Party Risk Assessments: Perform due diligence and risk assessments on third-party vendors to ensure compliance with security policies and frameworks. Monitor and manage ongoing third-party risk.
- Compliance Framework Implementation: Assist in the implementation and maintenance of compliance frameworks and certifications (NIST 800-53, StateRAMP, FedRAMP). Prepare for and support audits and assessments.
- Documentation and Reporting: Maintain accurate documentation of compliance activities, risk assessments, and remediation efforts. Prepare reports for management and stakeholders.
- Continuous Improvement: Stay current with industry trends, regulations, and best practices in IT security and compliance. Recommend improvements to existing processes and controls.
- Internal Audits: Plan, execute, and manage internal audits to assess compliance with StateRAMP and FedRAMP standards and other relevant frameworks.
We are looking for:
- Bachelor's degree in Information Security, Cybersecurity, Information Technology, or a related field.
- 5+ years of hands-on experience in IT security, compliance, or risk management.
- Strong knowledge of security compliance frameworks and standards (NIST 800-53, StateRAMP, FedRAMP).
- Experience with risk assessment methodologies and tools.
- Familiarity with third-party risk management processes.
- Excellent analytical, problem-solving, and communication skills.
- Proficient in Microsoft Office applications (Word, Excel, and PowerPoint), collaboration platforms (SharePoint, Outlook, and Teams), and GRC/Compliance Management tools.
- Soft Skills: Exceptional interpersonal and communication abilities; meticulous attention to detail and accuracy; strong organizational and project management acumen.
About Our Team:
Join our team, known for its collaborative ethos, working seamlessly with global customers, internal engineering teams and product development groups. Our team culture emphasizes continuous learning, innovation, and a strong commitment to customer satisfaction. We embrace Fortinet’s core values of openness, teamwork and innovation, fostering an environment where team members support each other, share knowledge, and leverage AI to solve complex technical challenges. Our inclusive and dynamic team thrives on collaboration and is driven by the shared goal of maintaining Fortinet’s high standards of excellence in cybersecurity solutions.
Why Join Us:
We encourage candidates from all backgrounds and identities to apply. We offer a supportive work environment and a competitive Total Rewards package to support you with your overall health and financial well-being. Embark on a challenging, enjoyable, and rewarding career journey with Fortinet. Join us in bringing solutions that make a meaningful and lasting impact to our 660,000+ customers around the globe.
The US base salary range for this full-time position is $120,000-$140,000. Fortinet offers employees a variety of benefits, including medical, dental, vision, life and disability insurance, 401(k), 11 paid holidays, vacation time, and sick time as well as a comprehensive leave program.
Wage ranges are based on various factors including the labor market, job type, and job level. Exact salary offers will be determined by factors such as the candidate's subject knowledge, skill level, qualifications, experience, and geographic location.
All roles are eligible to participate in the Fortinet equity program. Bonus eligibility is reviewed at time of hire and annually at the Company’s discretion.
Tags: Audits Compliance FedRAMP Governance Monitoring NIST NIST 800-53 Risk assessment Risk management SharePoint Vulnerabilities
Perks/benefits: Career development Competitive pay Equity / stock options Health care Insurance Medical leave Salary bonus