Information Security Analyst

You would act as an Information Security Analyst for global Security Operations Center (SOC) team. This highly technical role requires continuous security event monitoring, threat identification, risk assessment, incident response, and collaboration with regional leaders to advance Fortinet’s security posture and compliance. As part of a 24x7x365 “follow the sun” SOC model, this role involves working five days per week (40 hours), which may include weekend shifts as part of the standard workweek.

As an Information Security Analyst, your responsibilities will include:

• Monitor security alerts and incidents from cloud-based security platforms (AWS, Azure, GCP).
• Investigate and respond to security threats, including triage, containment, and remediation.
• Perform security log analysis, threat hunting, and anomaly detection.
• Assist in developing and tuning security monitoring rules, alerts, and automation.
• Contribute to post-incident investigations and root cause analyses.
• Support compliance efforts and security best practices.
• Document security incidents, response activities, and lessons learned.
• Actively monitor and analyze security events, alerts, and logs using SIEM, SOAR, EDR, DLP and related tools, investigating security incidents to mitigate potential risks.
• Develop and refine SOC processes, playbooks, alerts, reports, and dashboards to enhance threat detection and incident response capabilities.

We are looking for: 

• Experience in Information Technology, Information Security, or a SOC/NOC role. Prior experience in network or information systems administration is advantageous.
• Experience in a cloud security role.
• Strong understanding of cloud security principles (IAM, network security, logging).
• Familiarity with AWS GuardDuty, Security Hub, Azure Sentinel, Google Chronicle, or similar tools.
• Solid understanding of the threat landscape, attacker motivations (phishing, malware, APTs, DoS attacks), and defensive strategies.
• Knowledgeable in key security technologies: SIEM, SOAR, EDR, ID/IPS, access control, vulnerability management, and External Attack Surface Management.
• Strong understanding of network protocols, DNS, and networking equipment (routers, VPNs, proxies, firewalls).
• Knowledge of threat intelligence, attack techniques (MITRE ATT&CK framework), and incident response procedures.
• Scripting and automation skills (Python, PowerShell, or similar) are a plus.

Soft Skills:

• Exceptional written, verbal, and interpersonal communication skills, with strong attention to detail.
• Ability to engage effectively and collaborate across teams, demonstrating a customer-focused, approachable demeanor to support security awareness.
• Proficiency in English; additional regional languages are a plus.

Educational & Certification Requirements:

• Education: Bachelor’s degree in computer science, Information Security, or a related field.
• Certifications: Preferred certifications include one or more of the following: CISSP, CCSP, CISA, CISM, CRISC, CCNA, GIAC GCFE, GCFA, GCIH, AWS Security Specialty, GSEC, GCFR, or equivalent.