IT Security Compliance Analyst

Join Fortinet a cybersecurity pioneer with over two decades of excellence as we continue to shape the future of cybersecurity and redefine the intersection of networking and security. At Fortinet our mission is to safeguard people devices and data everywhere. We are currently seeking a dynamic IT Security & Compliance Analyst to contribute to the success of our rapidly growing business.

You would act as IT Security and Compliance Analyst for our dynamic team. The ideal candidate will play a critical role in ensuring our organization adheres to security policies and compliance frameworks. The candidate should have expertise in policy governance conducting risk assessments managing thirdparty risks conducting internal audits and implementing compliance frameworks and certifications such as SOC 2 HIPAA ISO 27001/2017/27018 NIST 80053 FedRamp HIPAA PCIDSS etc.

As an IT Security & Compliance Analyst your responsibilities will include:

• Policy Governance: Develop review and maintain IT security policies and procedures in alignment with industry standards and regulatory requirements.
• Risk Assessments: Conduct regular risk assessments to identify vulnerabilities threats and impacts to IT assets and operations. Evaluate the effectiveness of existing controls and recommend enhancements.
• Risk Management: Collaborate with various departments to develop and implement risk management strategies including risk mitigation plans and monitoring processes.
• ThirdParty Risk Assessments: Perform due diligence and risk assessments on thirdparty vendors to ensure compliance with security policies and frameworks. Monitor and manage ongoing thirdparty risk.
• Compliance Framework Implementation: Assist in the implementation and maintenance of compliance frameworks and certifications (SOC 2 HIPAA ISO 27001/2017/27018 NIST 80053 FedRamp). Prepare for and support audits and assessments.
• Documentation and Reporting: Maintain accurate documentation of compliance activities risk assessments and remediation efforts. Prepare reports for management and stakeholders.
• Continuous Improvement: Stay current with industry trends regulations and best practices in IT security and compliance. Recommend improvements to existing processes and controls.
• Internal Audits:Plan execute and manage internal audits to assess compliance with ISO 27001 standards and other relevant frameworks.

We are looking for:

• Bachelors degree in information security Computer Science or a related field.
• 5 years of experience in IT security compliance or risk management.
• Strong knowledge of security compliance frameworks and standards (SOC 2 HIPAA ISO 27001/27017/27018 NIST 80053 etc).
• Experience with risk assessment methodologies and tools.
• Familiarity with thirdparty risk management processes.
• Excellent analytical problemsolving and communication skills.
• Experience with GRC tools.
• Relevant certifications (CISSP CISM CRISC or equivalent) are a plus.

About Our Team:

Join our team known for its collaborative ethos working seamlessly with global customers internal engineering teams and product development groups. Our team culture emphasizes continuous learning innovation and a strong commitment to customer satisfaction. We embrace Fortinets core values of openness teamwork and innovation fostering an environment where team members support each other share knowledge and leverage AI to solve complex technical challenges. Our inclusive and dynamic team thrives on collaboration and is driven by the shared goal of maintaining Fortinets high standards of excellence in cybersecurity solutions.

Why Join Us:

We encourage candidates from all backgrounds and identities to apply. We offer a supportive work environment and a competitive Total Rewards package to support you with your overall health and financial wellbeing.

Embark on a challenging enjoyable and rewarding career journey with Fortinet. Join us in bringing solutions that make a meaningful and lasting impact to our 660000 customers around the globe.

The US base salary range for this fulltime position is $150000$175000. Fortinet offers employees a variety of benefits including medical dental vision life and disability insurance 401(k) 11 paid holidays vacation time and sick time as well as a comprehensive leave program.

Wage ranges are based on various factors including the labor market job type and job level. Exact salary offers will be determined by factors such as the candidates subject knowledge skill level qualifications experience and geographic location.

All roles are eligible to participate in the Fortinet equity program Bonus eligibility is reviewed at time of hire and annually at the Companys discretion.

#GD