Please contact your Administrator to change your authorization settings.
Security and Compliance Analyst
Job Summary: We are seeking a highly skilled and motivated Security and Compliance Analyst to join our dynamic team. The ideal candidate will play a crucial role in ensuring the security and compliance of our organization by supporting the implementation of ISO 27001 and conducting internal audits. The candidate should also have expertise in other compliance standards such as SOC 2, HIPAA, FedRAMP, and other relevant frameworks. This position requires a detail-oriented individual with strong analytical and communication skills and solid understanding of security concepts, processes, and technologies.
Job Responsibilities:
- ISO 27001 Implementation:
- Support the implementation of ISO 27001 Information Security Management System (ISMS) program and relevant certifications.
- Collaborate with cross-functional teams to establish and maintain security policies, procedures, and controls.
- Internal Audits:
- Plan, execute, and manage internal audits to assess compliance with ISO 27001 standards and other relevant standards.
- Identify areas of improvement and provide recommendations for enhancing security and compliance measures.
- Compliance Standards:
- Stay current on industry-specific compliance standards such as SOC 2, HIPAA, FedRAMP, and others applicable to the organization.
- Implement and manage compliance programs to meet regulatory requirements.
- Risk Management:
- Conduct risk assessments and work with relevant teams to develop mitigation strategies.
- Documentation and Reporting:
- Maintain accurate and up-to-date documentation related to security and compliance activities.
- Prepare and deliver reports to management on the status of security and compliance initiatives.
- Collaboration:
- Collaborate with internal teams, external auditors, and third-party vendors to facilitate compliance assessments and audits.
Qualifications:
- Bachelor's degree in information security, Computer Science, or a related field.
- Professional certifications such as CISA, CISSP, ISO 27001 Lead Auditor, or equivalent.
- Proven experience in implementing ISO 27001 and conducting internal audits.
- Familiarity with other compliance standards such as SOC 2, HIPAA, FedRAMP, etc.
- Strong understanding of risk management principles and methodologies.
- Excellent communication and interpersonal skills.
- Ability to work independently and as part of a team.
- Experience with GRC tools.
The US base salary range for this full-time position is $120,000-$165,000. Fortinet offers employees a variety of benefits, including medical, dental, vision, life and disability insurance, 401(k), 11 paid holidays, vacation time, and sick time as well as a comprehensive leave program.
Wage ranges are based on various factors including the labor market, job type, and job level. Exact salary offers will be determined by factors such as the candidate's subject knowledge, skill level, qualifications, experience, and geographic location.
All roles are eligible to participate in the Fortinet equity program, Bonus eligibility is reviewed at time of hire and annually at the Company's discretion.
#LI-BHAVYA
EEOC / AAPAccommodation: If you are an individual with a disability and require a reasonable accommodation to complete any part of the application process, or are limited in the ability or unable to access or use this online application process and need an alternative method for applying, you may contact Fortinet, Inc at (408) 235-7700 of accommodations@fortinet.com for assistance.EEO: All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.