We use cookies. Find out more about it here. By continuing to browse this site you are agreeing to our use of cookies.
I agree and accept cookies
Main menu
Post a Job
Request a Demo
Yes
No
Both
Advanced search
#alert
Back to search results / More jobs like this
Back to search results
Fortinet jobs

Security Compliance Analyst

Fortinet
United States, Virginia, Herndon
Apr 04, 2025

Position Overview: As a Security Compliance Analyst, your role is crucial in ensuring that Fortinet's information systems and processes comply with relevant security standards, regulations, and policies. You will be responsible for evaluating, developing, and maintaining the organization's security compliance framework, conducting audits and assessments, and recommending corrective actions to mitigate risks. Your expertise in security compliance will help safeguard Fortinet's sensitive data and maintain a robust security posture.

Duties and Responsibilities:



  1. Compliance Assessment:

    • Perform regular assessments and audits of the organization's security controls, policies, and procedures.
    • Identify potential vulnerabilities, risks, and compliance gaps through comprehensive reviews and analysis.
    • Evaluate compliance with relevant regulatory frameworks, such as SOC2, ISO27001, GDPR, HIPAA, PCI DSS, and others.
    • Collaborate with stakeholders to understand business requirements and ensure compliance measures align with industry standards.

  2. Compliance Framework Development:

    • Develop and maintain an effective security compliance framework that aligns with organizational goals and objectives.
    • Create and update policies, standards, and guidelines to address emerging security threats and regulatory changes.
    • Design and implement security controls, procedures, and technical safeguards to ensure compliance across the organization.

  3. Risk Assessment and Management:

    • Conduct risk assessments to identify potential security vulnerabilities and recommend appropriate risk mitigation strategies.
    • Collaborate with cross-functional teams to implement risk management frameworks and ensure compliance with risk management policies.
    • Provide guidance and support to stakeholders in understanding and addressing security-related risks.
    • Monitor and report on the effectiveness of risk mitigation strategies.

  4. Documentation and Reporting:

    • Prepare comprehensive reports and documentation related to security compliance assessments, audits, and findings.
    • Maintain accurate records of compliance activities, audit results, and corrective actions taken.
    • Provide regular reports to management, stakeholders, and regulatory bodies as required.



Qualifications and Experience:



  • Bachelor degree in Information Security/Systems, Computer/Electronic Engineering, Communications Engineering or related field, and eight (8) years of experience in information security, audit, compliance, risk management or related occupation
  • Proven experience in security compliance, risk management, or a similar role
  • In-depth knowledge of security standards, frameworks, and regulations (e.g., SOC2, ISO27001, GDPR, HIPAA, PCI DSS).
  • Experience in design and implementation of information security policies and controls
  • Experience with core security technologies such as security information and event monitoring systems (SIEM), firewalls, network and host intrusion prevention and detection systems, proxies, vulnerability scanners, and anti-virus solutions
  • Experience with cloud security management
  • Demonstrated ability to understand and interpret audit, as well as security requirements
  • Superior interpersonal and communication skills
  • One or more of the following certifications preferred: ISO 27001 LA, CISSP, CCSP, CISA, and PMP

Applied = 0
MORE JOBS LIKE THIS

(web-5b5fbb9bdf-cnfh5)