SOC Use Case Specialist

SOC (Security Operations Center) Use Case Specialist is responsible for studying security data and logs, designing and implementing queries, rules and reports to detect security threats and training SOC analysts to triage and respond. They work closely with a team of security analysts to identify, investigate, and respond to security threats within Fortinet SOC.

Experience Level - 5+ Years

Key responsibilities include:

• Strong understanding of threat detection technologies such as Next-Gen Firewalls, endpoint protection and EDR solutions. Experience with Fortinet products such as FortiGate, FortiClient and FortiEDR is a bonus.
• Good understanding of common security log sources across different Operating systems, common services and security devices. Experience with Fortinet product logs is a bonus.
• Develop SOC monitoring use cases based on detection technologies, available data sources and applicable threats vectors across both IT and OT.
• Implement and test SOC monitoring use cases using security tools and technologies such as SIEM and SOAR from development to PoC, Staging and production stages. Experience with Fortinet SecOps products such as FortiAnalyer, FortiSIEM and FortiSOAR is a bonus.
• Experience with DB query languages such as SQL and scripting languages such as Python, Bash, Powershell to retrieve, analyze and visualize security data in different SOC reports.
• Good understanding of cybersecurity frameworks such as MITRE and its tactics and techniques including ICS domain to organize SOC use case development work and gap analysis.
• Collaborating with cross-functional teams, including SOC teams to ensure SOC monitoring use cases are implemented and maintained well. Furthermore provide guidance and expertise to operation teams on triage and response steps.
• Keeping up-to-date with industry trends and developments in cybersecurity and continuously improving the security operations center to meet changing security needs.

The ideal candidate will have experience in cybersecurity, incident response and security engineering. Strong problem-solving, analytics and communication skills are also important for this role, as well as relevant certifications such as CISSP, CISM, or CEH.

The Canada base salary range for this full-time position is expected to be between $94,000 - $127,000 annually. Wage ranges are based on various factors including the labour market, job type, and job level. Exact salary offers will be determined by factors such as the candidate's subject knowledge, skill level, qualifications, and experience.

Fortinet strives to provide you and your family with a comprehensive benefits package. Benefits eligibility starts on your first day of hire and comprises of 100% company paid medical, dental, and vision coverage, including a Health Spending Account and a Personal Spending Account that gives you flexibility to spend where you need it the most. Our Employee & Family Assistance Plan (EFAP) offers you and your family access to various services like counseling, legal advice, mental health resources etc. We also provide critical illness, disability, and life insurance, as well as a Group Registered Retirement Savings Plan (RRSP) with a company match to help you save faster for retirement. We offer competitive Paid Time Off and flexible leave policies, including paid health days, to help you take care of yourself and your family members.

All roles are eligible to participate in the Fortinet equity program. Bonus eligibility is reviewed at time of hire and annually at the Company's discretion.

#GD