Information Security Specialist

We are seeking a dynamic and highly skilled Security Operations Expert to join our SOC team, responsible for the security monitoring and management systems. This role encompasses incident response, vulnerability management, and administration of critical security tools. The ideal candidate will also fine-tune detection rules to enhance the effectiveness of incident detection and response workflows.

Key Responsibilities:

• Monitor and respond to security incidents in alignment with incident response protocols.
• Conduct vulnerability assessments and manage remediation efforts.
• Perform log analysis, host-based, and network forensic investigations to identify threats.
• Administer and maintain security tools such as SOAR, SIEM, Anti-Virus, and similar platforms. 
• Fine-tune incident detection and alert-triggering rules to minimize false positives and improve detection accuracy.
• Analyze and improve security measures by assessing and updating policies, configurations, and procedures.
• Maintain situational awareness by tracking emerging threats, attack patterns, and tactics, techniques, and procedures (TTPs).
• Develop comprehensive reports and presentations for both technical and non-technical audiences.
• Contribute to the SOC’s continuous improvement by refining workflows, automation, and system integrations.

Qualifications:

• Bachelor’s degree in Computer Science, Cybersecurity, or a related field (or equivalent experience).
• 5+ years of experience in security operations, incident response, threat detection and analysis, governance and compliance or similar. 
• Hands-on experience administering and configuring security tools such as FortiSOAR, FortiSIEM, FortiAnalyzer, FortiDeceptor, FortiGate and other Fortinet products. Understanding and building playbooks in SOAR in Json/Jinja experience is preferred.
• Strong understanding of detection engineering, fine-tuning alerting rules, and managing SIEM/EDR and vulnerability management systems.
• Proficiency in security frameworks and various compliance standards like ISO 27001, SOC, StateRAMP, FedRAMP, NIST, etc.
• Familiarity with scripting (e.g., Python, PowerShell) for task automation and tool customization.
• Strong analytical and troubleshooting skills for rapid issue resolution under pressure.
• Excellent communication skills, both written and verbal, for technical and executive audiences.
• Industry certifications such as CISSP, CISA, CRISC, CCSP, ISO 27001, or equivalent are highly preferred.

 

The Canada base salary range for this full-time position is expected to be between $95,000 - $125,000 annually.  Wage ranges are based on various factors including the labour market, job type, and job level.  Exact salary offers will be determined by factors such as the candidate’s subject knowledge, skill level, qualifications, and experience. 

Fortinet strives to provide you and your family with a comprehensive benefits package. Benefits eligibility starts on your first day of hire and comprises of 100% company paid medical, dental, and vision coverage, including a Health Spending Account and a Personal Spending Account that gives you flexibility to spend where you need it the most. Our Employee & Family Assistance Plan (EFAP) offers you and your family access to various services like counseling, legal advice, mental health resources etc. We also provide critical illness, disability, and life insurance, as well as a Group Registered Retirement Savings Plan (RRSP) with a company match to help you save faster for retirement. We offer competitive Paid Time Off and flexible leave policies, including paid health days, to help you take care of yourself and your family members.

All roles are eligible to participate in the Fortinet equity program.  Bonus eligibility is reviewed at time of hire and annually at the Company’s discretion. 

Fortinet makes possible a digital world that we can always trust through its mission to protect people, devices, and data everywhere. This is why the world’s largest enterprises, service providers, and government organizations choose Fortinet to securely accelerate their digital journey. The Fortinet Security Fabric platform delivers broad, integrated, and automated protections across the entire digital attack surface, securing critical devices, data, applications, and connections from the data center to the cloud to the home office. Ranking #1 in the most security appliances shipped worldwide, more than 615,000 customers trust Fortinet to protect their businesses. And the Fortinet NSE Training Institute, an initiative of Fortinet’s Training Advancement Agenda (TAA), provides one of the largest and broadest training programs in the industry to make cyber training and new career opportunities available to everyone.