Senior Penetration Tester

Join Fortinet, a cybersecurity pioneer with over two decades of excellence, as we continue to shape the future of cybersecurity and redefine the intersection of networking and security. At Fortinet, our mission is to safeguard people, devices, and data everywhere. We are currently seeking a dynamic Senior Penetration Tester to contribute to the success of our rapidly growing business.

You would act as Senior Penetration Tester for the Cloud Information Security team. It is a highly technical role assisting the Information Security leadership with security test and evaluation activities.

• Conducting regular penetration tests and security evaluations on Fortinet cloud products, covering web applications and server backend under various authentication levels to identify vulnerabilities and security risks.
• Investigating and writing POCs for published vulnerabilities and helping the production team evaluate the exploitability and risks.
• Participating in the design and implementation of cloud security posture management systems, primarily focusing on public IP scan and security exposure analysis.
• Conducting security reviews on system design and functional design, reviewing security flaws in programming regularly.
• Engaging in red team activities, specifically developing scripts and programs aimed at penetrating and infiltrating in-scope systems and ICT technologies.
• Collecting threat intelligence and evaluating/maintaining pentest tools.

• 3+ years of dedicated experience in an information security role with a strong penetration testing background (CVE, pentest reports, tech articles may be asked as proofs).
• Professional penetration testing skills on information technologies including operating systems, software frameworks, databases, web applications, and networks.
• Strong knowledge of the fundamentals of web applications including authentication, authorization, session management, HTTP protocol, web language, web server, and browser architecture and implementation principles.
• Proficient programming ability with programming languages to conduct security code reviews and develop scripts and programs to enrich security scan efficiency and penetration testing automation.
• Experience in software research and development is highly valued.
• Proven skills and expertise in using penetration testing tools, e.g., Nessus, Burp Suite.
• Demonstrated practices of using Kali Linux/Metasploit to craft POCs for known vulnerabilities.

Join our team, known for its collaborative ethos, working seamlessly with global customers, internal engineering teams, and product development groups. Our team culture emphasizes continuous learning, innovation, and a strong commitment to customer satisfaction. We embrace Fortinet’s core values of openness, teamwork, and innovation, fostering an environment where team members support each other, share knowledge, and leverage AI to solve complex technical challenges. Our inclusive and dynamic team thrives on collaboration and is driven by the shared goal of maintaining Fortinet’s high standards of excellence in cybersecurity solutions.

We encourage candidates from all backgrounds and identities to apply. We offer a supportive work environment and a competitive Total Rewards package to support your overall health and financial well-being.

Embark on a challenging, enjoyable, and rewarding career journey with Fortinet. Join us in bringing solutions that make a meaningful and lasting impact to our 660,000+ customers around the globe.

The Canada base salary range for this full-time position is expected to be between $95,000 - $120,000 annually. Wage ranges are based on various factors including the labor market, job type, and job level. Exact salary offers will be determined by factors such as the candidate’s subject knowledge, skill level, qualifications, and experience.

Fortinet strives to provide you and your family with a comprehensive benefits package. Benefits eligibility starts on your first day of hire and comprises 100% company-paid medical, dental, and vision coverage, including a Health Spending Account and a Personal Spending Account that gives you flexibility to spend where you need it the most. Our Employee & Family Assistance Plan (EFAP) offers you and your family access to various services like counseling, legal advice, and mental health resources. We also provide critical illness, disability, and life insurance, as well as a Group Registered Retirement Savings Plan (RRSP) with a company match to help you save faster for retirement. We offer competitive Paid Time Off and flexible leave policies, including paid health days, to help you take care of yourself and your family members.

All roles are eligible to participate in the Fortinet equity program. Bonus eligibility is reviewed at the time of hire and annually at the Company’s discretion.