Senior FortiSIEM Security Engineer

Level 3 |6- 9 YRS

Job Description:
We are seeking an experienced FortiSIEM Security Engineer to join our cybersecurity team. In this role, you will be responsible for the onboarding of new applications, creating development rules, generating security reports, and developing use cases for alerting and monitoring activities within the FortiSIEM platform. The ideal candidate should have a strong understanding of SIEM technologies, particularly FortiSIEM, and the ability to design and implement security monitoring and reporting solutions.
Key Responsibilities:

Application Onboarding: Integrate and configure various security data sources, network devices, applications, and infrastructure into the FortiSIEM platform. Troubleshoot and resolve data ingestion issues, ensuring the seamless flow of security logs and events into FortiSIEM.
Rule Development Customization: Design, implement, and optimize correlation rules for event detection and security incident management. Develop custom rules tailored to the organizations security needs and use cases. Regularly update and fine-tune correlation rules to reduce false positives and improve incident detection.
Use Case Development: Design and implement security use cases that align with organizational security objectives, such as intrusion detection, anomalous activity detection, and threat hunting. Work with cross-functional teams to understand business processes and translate them into actionable use cases within the FortiSIEM system.
Alerting Monitoring: Configure and optimize alerting mechanisms for real-time security monitoring and incident response. Create automated response workflows to minimize the impact of security incidents. Monitor the performance and health of the SIEM system to ensure data is processed efficiently.
Reporting Dashboards: Design and implement customized security reports, dashboards, and visualization tools to communicate security metrics and incidents to stakeholders. Generate regular reports to track trends, vulnerabilities, and other security-related activities.
Security Incident Response: Provide support during security investigations by utilizing the data and reports generated by FortiSIEM. Assist in identifying, containing, and remediating security incidents based on findings from the SIEM.
Continuous Improvement: Stay up-to-date with emerging security threats and ensure the FortiSIEM system is updated to detect and respond to new attack vectors. Collaborate with other security engineers to improve SIEM processes, detection rules, and response strategies.

Required Skills Experience:

Technical Skills: Strong hands-on experience with FortiSIEM platform, including setup, configuration, and administration. In-depth knowledge of security information and event management (SIEM) concepts. Experience with event correlation, log aggregation, and alerting mechanisms. Knowledge of network security, threat intelligence, and intrusion detection systems. Familiarity with scripting and automation (e.g., Python, Bash, PowerShell) to support SIEM tasks. Experience with cloud-based and hybrid environments and integrating SIEM solutions in those environments.
Security Knowledge: Knowledge of cybersecurity frameworks, compliance requirements, and industry best practices (e.g., NIST, ISO 27001). Understanding of various security technologies and solutions, such as firewalls, IDS/IPS, endpoint detection and response (EDR), etc.
Soft Skills: Strong problem-solving and troubleshooting abilities. Excellent communication skills for collaborating with technical and non-technical teams. Ability to work in a fast-paced, dynamic environment with tight deadlines.

Skills:

• Security Infrastr Service Ctr
• Linux
• Security Infrastructure Supprt
• Security Operations Center

.