Job Description

Endpoint Protection (FortiEDR) & Asset Discovery and Vulnerability Scanning (Nozomi)

Purpose: Define senior contractor profiles to lead the technology work for IT Technology Platform (ITTP) over the next ~3 months, closing deliverable gaps and enabling scalable, secure deployments.

1) Senior Endpoint Protection Engineer (FortiEDR)

Purpose: Own the productization and secure deployment of FortiEDR (Core/Aggregator) across our target environments, reviewing existing assets and completing missing deliverables.


Core technical skills:

o

Expert hands-on with FortiEDR architecture, policies, secure network/port configuration, and integrations.

o

Proven installation/hardening across mixed OS estate: Windows Server 2019/2022, Windows 10/11 LTSC, Ubuntu 18.04/20.04, SUSE Linux; mitigation approach for industrial/PLC OS.

o

Author automation (installation/config scripts), repeatable deployment steps, and hardening checklists.

o

Develop requirements and test cases; validate against pilot acceptance criteria.


Key deliverables:

o

Reviewed & updated requirements/design, closing gaps in current set.

o

Secure deployment playbook + scripts; baseline policies per endpoint type.

o

Test evidence aligned to pilot ACs; handover notes for IT Delivery.

2) Senior Asset Discovery & Vulnerability Engineer (Nozomi)

Purpose: Lead productization and secure deployment of Nozomi (Guardian in all zones, CMC in iDMZ, Vantage connectivity), ensuring effective asset discovery and vulnerability detection at scale.


Core technical skills:

o

Deep experience with Nozomi Guardian/CMC/Vantage: placement, tuning, secure onboarding, and data flows.

o

Install and securely configure sensors/collectors; define monitoring hooks (SIEM feed as roadmap).

o

Review existing productization assets (installation manuals, high-level requirements), identify gaps vs. process, and create missing deliverables.

o

Write requirements, test cases, implementation/config scripts; validate against pilot acceptance criteria.


Optional / nice to have:

o

Familiarity with DOS Maximo and CMDB enrichment flows to assess MVP scope and plan integration work.


Key deliverables:

o

Updated blueprint and deployment playbook for Guardian/CMC/Vantage.

o

Evidence that assets and vulnerabilities are detected as expected (pilot ACs).

o

Handover notes and operational runbook for IT Delivery.


Mindset & ways of working (applies to both roles)

o

Senior level: operates autonomously and delivers with minimal guidance; owns outcomes end-to-end.

o

Rapid onboarding: gets up to speed quickly in a new team/environment by leveraging existing documentation while identifying gaps.

o

Productization mindset: works from requirements design scripts tests handover; focuses on standard, repeatable deliverables.

o

Pragmatic & collaborative: coordinates with module teams on scope decisions (e.g., Maximo) and works closely with IT Delivery for deployments/testing.