FortiSIEM & FortiSOAR Security Engineer

Location: Dubai

This role follows a rotating shift schedule as part of 24/7 SOC operations.

In this role, you will be responsible for onboarding new applications, developing security rules, creating reports, and optimizing alerting & monitoring within the FortiSIEM and FortiSOAR platforms. The ideal candidate should have a strong understanding of SIEM and SOAR technologies, particularly FortiSIEM and FortiSOAR, with the ability to design and implement security monitoring and automation solutions.

FortiSIEM Responsibilities

Application Onboarding

• Integrate & configure security data sources in FortiSIEM.
• Troubleshoot data ingestion & log collection issues.

Rule Development & Customization

• Design & fine-tune correlation rules for threat detection.
• Develop & update custom SIEM rules.

Use Case Development

• Implement use cases for Intrusion Detection, Anomalous Activity & Threat Hunting.
• Translate business processes into actionable SIEM use cases.

Alerting & Monitoring

• Configure real-time security alerts & automated responses.
• Monitor SIEM system health & performance.

Reporting & Dashboards

• Design custom dashboards & reports.
• Generate trend analysis for vulnerabilities & threats.

Security Incident Response

• Assist in investigating & mitigating security incidents.
• Utilize FortiSIEM reports for threat detection.

Continuous Improvement

• Stay updated on emerging threats & SIEM enhancements.
• Improve SIEM efficiency, automation & response strategies.

FortiSOAR Responsibilities

SOAR Implementation & Playbooks

• Design, deploy, and optimize FortiSOAR automation workflows.
• Build custom connectors & playbooks for security tool integration.

Incident Response Automation

• Configure triage & auto-remediation workflows.
• Enhance alert prioritization & reduce false positives.

Infrastructure & System Management

• Manage FortiSOAR in on-prem & cloud environments.
• Set up dashboards, reports, and incident war rooms.

Threat Detection & Response

• Automate threat intelligence ingestion & correlation.
• Utilize Jinja filters & automation functions.

Client Support & Pre-Sales

• Provide technical training & expertise to security teams.
• Assist in pre-sales & business development.

Service Delivery & Documentation

• Maintain SLAs, KPIs, and workflow documentation.
• Support 24×7 on-call security escalations.

Technical Skills

• Strong hands-on experience with FortiSIEM and FortiSOAR (configuration, deployment, and optimization).
• Expertise in log aggregation, event correlation, and SIEM alerting mechanisms.
• Experience with playbook development and security automation using SOAR.
• Knowledge of network security, threat intelligence, and intrusion detection systems (IDS/IPS).
• Proficiency in scripting & automation (Python, Bash, PowerShell, KQL, GO, Jinja).
• Understanding of cloud-based and hybrid environments and their integration with SIEM/SOAR solutions.

Security Knowledge

• Familiarity with cybersecurity frameworks (NIST, ISO 27001, MITRE ATT&CK, etc.).
• Understanding of firewalls, endpoint detection & response (EDR), and other security tools.
• Experience with SIEM platforms such as Splunk, Microsoft Sentinel, QRadar, and Securonix is preferred.

Soft Skills

• Strong problem-solving and troubleshooting abilities.
• Excellent communication skills to collaborate with technical & non-technical teams.
• Ability to work in a fast-paced, dynamic environment with tight deadlines.
• Should be ready to work in shifts/ weekends.

Preferred Certifications

NSE 6 FortiSOAR Administrator

NSE 7 FortiSOAR Design and Development (Architect)

Fortinet NSE Certification (FortiSIEM/FortiSOAR specific)

ISC2 Certified Information Systems Security Professional (CISSP)

Certified Ethical Hacker (CEH)

CompTIA Security+

Certified Information Security Manager (CISM)

ITIL Accreditation (Preferred)

Send your resume to: career@qpointme.com

Applicants should send an email with the subject “SOC Analyst Application – FortiSIEM & FortiSOAR Experience.”