Security Compliance Analyst

As a Security Compliance Analyst your role is crucial in ensuring that Fortinets information systems and processes comply with relevant security standards regulations and policies. You will be responsible for evaluating developing and maintaining the organizations security compliance framework conducting audits and assessments and recommending corrective actions to mitigate risks. Your expertise in security compliance will help safeguard Fortinets sensitive data and maintain a robust security posture.

Duties and Responsibilities:

1. Compliance Assessment:
   • Perform regular assessments and audits of the organizations security controls policies and procedures.
   • Identify potential vulnerabilities risks and compliance gaps through comprehensive reviews and analysis.
   • Evaluate compliance with relevant regulatory frameworks such as SOC2 ISO27001 GDPR HIPAA PCI DSS and others.
   • Collaborate with stakeholders to understand business requirements and ensure compliance measures align with industry standards.
2. Compliance Framework Development:
   • Develop and maintain an effective security compliance framework that aligns with organizational goals and objectives.
   • Create and update policies standards and guidelines to address emerging security threats and regulatory changes.
   • Design and implement security controls procedures and technical safeguards to ensure compliance across the organization.
3. Risk Assessment and Management:
   • Conduct risk assessments to identify potential security vulnerabilities and recommend appropriate risk mitigation strategies.
   • Collaborate with crossfunctional teams to implement risk management frameworks and ensure compliance with risk management policies.
   • Provide guidance and support to stakeholders in understanding and addressing securityrelated risks.
   • Monitor and report on the effectiveness of risk mitigation strategies.
4. Documentation and Reporting:
   • Prepare comprehensive reports and documentation related to security compliance assessments audits and findings.
   • Maintain accurate records of compliance activities audit results and corrective actions taken.
   • Provide regular reports to management stakeholders and regulatory bodies as required.

Qualifications and Experience:

• Bachelor degree in Information Security/Systems Computer/Electronic Engineering Communications Engineering or related field and eight (8) years of experience in information security audit compliance risk management or related occupation
• Proven experience in security compliance risk management or a similar role
• Indepth knowledge of security standards frameworks and regulations (e.g. SOC2 ISO27001 GDPR HIPAA PCI DSS).
• Experience in design and implementation of information security policies and controls
• Experience with core security technologies such as security information and event monitoring systems (SIEM) firewalls network and host intrusion prevention and detection systems proxies vulnerability scanners and antivirus solutions
• Experience with cloud security management
• Demonstrated ability to understand and interpret audit as well as security requirements
• Superior interpersonal and communication skills
• One or more of the following certifications preferred: ISO 27001 LA CISSP CCSP CISA and PMP

The Canada base salary range for this fulltime position is expected to be between $106700 $130500 annually. Wage ranges are based on various factors including the labour market job type and job level. Exact salary offers will be determined by factors such as the candidates subject knowledge skill level qualifications and experience.

Fortinet strives to provide you and your family with a comprehensive benefits package. Benefits eligibility starts on your first day of hire and comprises of 100% company paid medical dental and vision coverage including a Health Spending Account and a Personal Spending Account that gives you flexibility to spend where you need it the most. Our Employee & Family Assistance Plan (EFAP) offers you and your family access to various services like counseling legal advice mental health resources etc. We also provide critical illness disability and life insurance as well as a Group Registered Retirement Savings Plan (RRSP) with a company match to help you save faster for retirement. We offer competitive Paid Time Off and flexible leave policies including paid health days to help you take care of yourself and your family members.

All roles are eligible to participate in the Fortinet equity program. Bonus eligibility is reviewed at time of hire and annually at the Companys discretion.