Job Description

We are hiring a FortiSIEM Administrator to manage and maintain our SIEM infrastructure and security tools. The ideal candidate will have deep experience in SIEM architecture (FortiSIEM), EDR, DLP, and a sound understanding of cybersecurity frameworks like MITRE ATT&CK, NIST, CIS Controls, and ISO 27001. The role requires someone who can ensure complete visibility and protection of IT assets while supporting incident response and compliance.
Tasks

• Deploy, configure, and maintain the FortiSIEM platform for real-time monitoring and alerting.
• Integrate log sources across firewalls, servers, endpoints, and cloud environments.
• Develop and manage SIEM rules, parsers, dashboards, and alerts.
• Operate and optimize EDR, DLP, and other advanced security tools.
• Conduct incident triage, investigation, and provide root cause analysis.
• Align monitoring and response activities with MITRE ATT&CK, NIST, CIS Controls, and ISO 27001 frameworks.
• Collaborate with SOC, infrastructure, and application teams for end-to-end threat visibility.
• Maintain updated documentation and support internal and external security audits.
• Ensure regular health checks, version upgrades, and platform tuning for performance

• 3-6 years of experience in cybersecurity with a focus on SIEM administration (preferably FortiSIEM).
• Hands-on expertise in deploying and managing EDR, DLP, and other endpoint security tools.
• Good understanding of SIEM architecture, log ingestion, and threat correlation.
• Knowledge of networking fundamentals, TCP/IP, firewalls, VPNs, and IDS/IPS.
• Familiarity with security frameworks like MITRE ATT&CK, NIST, CIS Controls, and ISO 27001.
• Scripting knowledge (PowerShell, Python, Bash) is an advantage.
• Fortinet certification (e.g., NSE 5/7) is a plus.

• Experience with cloud platforms (AWS, Azure) and cloud security monitoring.
• Exposure to other SIEM tools (Splunk, QRadar, etc.) is beneficial.
• Experience in compliance-driven environments (PCI-DSS, SOC 2, etc.).