This company is committed to hiring Veterans

Network Security Engineer (AMGA573)

This job is no longer active. View similar jobs.

POST DATE 9/19/2017
END DATE 11/29/2017

Fortinet Sunnyvale, CA

Sunnyvale, CA
AJE Ref #
Job Classification
Full Time
Job Type
Company Ref #
Mid-Career (2 - 15 years)
Bachelors Degree


Organization Overview
Fortinet (NASDAQ: FTNT) protects the most valuable assets of some of the largest enterprise, service provider and government organizations across the globe. The company's fast, secure and global cyber security solutions provide broad, high-performance protection against dynamic security threats while simplifying the IT infrastructure. They are strengthened by the industry's highest level of threat research, intelligence and analytics. Unlike pure-play network security providers, Fortinet can solve organizations' most important security challenges, whether in networked, application or mobile environments - be it virtualized/cloud or physical. More than 310,000 customers worldwide, including some of the largest and most complex organizations, trust Fortinet to protect their brands. Learn more at, the Fortinet Blog or FortiGuard Labs



California [CA]

United States [US]

Network Security Engineer (AMGA573)

Req #

Job Status
Full Time Regular

Functional Area

Position Overview

Job Description

Reporting to the Director of Information Security and Compliance, the Network/Security Engineer is an integral part of the Fortinet s security team, helping to ensure the infrastructure (systems and networks) stability and the security of Fortinet s corporate and research environments. This requires extensive and broad functional experience with IDS/IPS, switching, routing, firewall, VPN and content networking, across a wide range of complex architectures, platforms and mediums. The individual will help in the secure deployment of Network systems and help in the maintenance of non-in-line Security systems and the administration of same in a mission-critical, 24/7 environment.

The ideal candidate should be able to document and articulate proposed designs to both technical peers and service stakeholders. This person is a dedicated self-starter with interest in security and networking technologies and willingness to take on complex issues and resolve them in a timely manner. The candidate will be customer focused with an acute sense of urgency in resolving issues that incur a service interruption. The applicant will have 4-5+ years of previous experience supporting a highly available Wide Area Network or Internet service with knowledge in OSPF and BGP routing on Cisco IOS , Juniper or Fortinet devices and who is now looking forward to solely work on networks and systems security challenges. Previous work with IOS based routers, switches and Layer-7 firewall (Fortinet, Checkpoint and/or Palo Alto firewalls, etc.) is a great plus as well as strong current Security Analysis experience for Linux and Windows-based systems.

We are seeking an intelligent, highly motivated, experienced security engineer with an extensive background in networking, who understands and enjoys cutting edge security technologies and has a passion for troubleshooting, learning, and sharing knowledge. A willingness and aptitude to learn application pen-testing is highly desired. This engineer will work in a team-oriented, fast-paced, flexible environment with a wide array of responsibilities across the organization. The person is expected to be a team player with good problem solving, organizational and verbal and written communication skills.


* Help in implementation of strategies for threat analysis and vulnerability assessments
* Design, implement and support security-focused tools and services
* Maintain intrusion prevention systems and other security devices
* Participate in security compliance efforts (e.g., PIC, SOX, ISO 27001, SSAE-16, etc.)
* Evaluate new and emerging security products and technologies
* Participate in tier 2 and tier 3 security operations support
* Performing log analysis and participating in the incident response lifecycle and on-call rotation duties
* Respond to physical and logical security incidents through remediation efforts including implementation of a secure infrastructure and the development of and adherence to incident response and recovery processes
* Perform proactive research to identify and understand new threats, vulnerabilities, and exploits
* Monitoring IDS, Firewall, and log correlation tools for potential threats, initiate remediation actions per procedures where required
* Performing log analysis and participating in the incident response lifecycle
* Helping to audit, prevent, respond, or remediate security incidents
* Initiate escalation procedure to counteract potential threats/vulnerabilities
* Advise on secure deployments of new switches, routers, firewalls, and VPN devices
* Help Monitor, optimize, troubleshoot, document, and otherwise pamper the network
* Work with Operations team in helping the management of vulnerability and automated penetration testing process to ensure proper security for the organization
* Proactively assess potential items of risk and vulnerability in the network & systems
* Day to Day review of SIEM events/alarms
* Understand new and emerging threats that can affect Fortinet's information resources.
* Work with other security and technical staff to conduct network testing, documenting incident results and providing management with incident reporting and summary observations
* Assist in maintaining required documentation and management of overall security strategy plus compliance for the organization.
* Assist technical or support services staff with information systems capabilities assessment reviews and/or audits.
* Promote Fortinet s continuous quality improvement (CQI) philosophy with the team (i.e., team building, communications, and process analysis) as well as between organization teams.

Required Skills/Qualifications:

* BS in Computer Science or equivalent required with at least hands-on experience in IT security and risk management
* Several years experience in vulnerability testing and auditing
* Experience working with development team(s) that delivered commercial software or software-based services (development, QA testing, or security role)
* Solid experience and technical knowledge in security engineering, system and network security, authentication and security protocols, cryptography as they relate to network security
* Knowledge of threat modeling or other risk identification techniques
* Knowledge of system security vulnerabilities and remediation techniques
* Knowledge of network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols, etc.)
* Knowledge of IDS/IPS and preferably SIEM systems
* Excellent written and verbal communication skills
* Excellent teamwork skills
* Results oriented, high energy, self-motivated

Strongly Desired Skills:
* Some familiarity with regulatory and legal requirements
* Some familiarity with compliance frameworks for data management such as ITIL, ISO 27001/27002, COSO, NIST, PCI or SSAE-16, Sarbanes-Oxley
* CISSP, GIAC (GPEN, GCIH, GCFA, etc.), CEH certification or equivalent preferred
* Forensics experience (Encase, etc.)
* Familiarity with tap-aggregation tools (e.g. Gigamon)
* Scripting skills (e.g., Perl, Python or shell scripting) to automate common tasks


Accommodation: If you are an individual with a disability and require a reasonable accommodation to complete any part of the application process, or are limited in the ability or unable to access or use this online application process and need an alternative method for applying, you may contact Fortinet, Inc at (408) 235-7700 of for assistance.

EEO: All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin,