Security Compliance Analyst

Position Overview: As a Security Compliance Analyst your role is crucial in ensuring that Fortinets information systems and processes comply with relevant security standards regulations and policies. You will be responsible for evaluating developing and maintaining the organizations security compliance framework conducting audits and assessments and recommending corrective actions to mitigate risks. Your expertise in security compliance will help safeguard Fortinets sensitive data and maintain a robust security posture.

Duties and Responsibilities:

1. Compliance Assessment:
   • Perform regular assessments and audits of the organizations security controls policies and procedures.
   • Identify potential vulnerabilities risks and compliance gaps through comprehensive reviews and analysis.
   • Evaluate compliance with relevant regulatory frameworks such as SOC2 ISO27001 GDPR HIPAA PCI DSS and others.
   • Collaborate with stakeholders to understand business requirements and ensure compliance measures align with industry standards.
2. Compliance Framework Development:
   • Develop and maintain an effective security compliance framework that aligns with organizational goals and objectives.
   • Create and update policies standards and guidelines to address emerging security threats and regulatory changes.
   • Design and implement security controls procedures and technical safeguards to ensure compliance across the organization.
3. Risk Assessment and Management:
   • Conduct risk assessments to identify potential security vulnerabilities and recommend appropriate risk mitigation strategies.
   • Collaborate with crossfunctional teams to implement risk management frameworks and ensure compliance with risk management policies.
   • Provide guidance and support to stakeholders in understanding and addressing securityrelated risks.
   • Monitor and report on the effectiveness of risk mitigation strategies.
4. Documentation and Reporting:
   • Prepare comprehensive reports and documentation related to security compliance assessments audits and findings.
   • Maintain accurate records of compliance activities audit results and corrective actions taken.
   • Provide regular reports to management stakeholders and regulatory bodies as required.

Qualifications and Experience:

• Bachelor degree in Information Security/Systems Computer/Electronic Engineering Communications Engineering or related field and eight 8 years of experience in information security audit compliance risk management or related occupation
• Proven experience in security compliance risk management or a similar role
• Indepth knowledge of security standards frameworks and regulations (e.g. SOC2 ISO27001 GDPR HIPAA PCI DSS).
• Experience in design and implementation of information security policies and controls
• Experience with core security technologies such as security information and event monitoring systems (SIEM) firewalls network and host intrusion prevention and detection systems proxies vulnerability scanners and antivirus solutions
• Experience with cloud security management
• Demonstrated ability to understand and interpret audit as well as security requirements
• Superior interpersonal and communication skills
• One or more of the following certifications preferred: ISO 27001 LA CISSP CCSP CISA and PMP