Principal Fortinet Cybersecurity Engineer bei Aventiv Technologies

Welcome to Aventiv! Please watch this brief video to find out if this is the place you want to be!

Aventiv Technologies – Where your future awaits - YouTube

**Associate Referral Reward Eligible**

Job Purpose:

The Principal Fortinet Cybersecurity Engineer serves as a key leader in the organization’s cybersecurity network engineering initiatives. This individual brings a powerful combination of deep technical proficiency and strategic vision to architect, implement, and refine advanced network security solutions, with a strong emphasis on the Fortinet product ecosystem.

Acting as a thought leader, the Principal Engineer helps shape the organization's cybersecurity strategy while mentoring and guiding a team of skilled engineers. They are responsible for designing secure, resilient environments and driving ongoing enhancements to the company’s security posture. Their expertise plays a vital role in defending against complex cyber threats and ensuring the highest standards of digital asset protection.

Essential Duties

• Lead the design and development of comprehensive network security architectures, leveraging advanced Fortinet solutions including FortiGate firewalls, FortiManager, FortiAnalyzer, FortiSwitch, FortiAP, FortiClient EMS, and other Fortinet security technologies.
• Perform threat modeling, vulnerability assessments, and risk analysis to identify and mitigate potential security weaknesses.
•  Lead the comprehensive implementation and ongoing management of Fortinet Intrusion Prevention Systems (IPS) across the network, including the design of IPS profiles to detect and block threats.
• Develop and implement security best practices and policies within the Fortinet environment.
• Design secure solutions ensuring compliance with industry standards and regulatory frameworks (e.g., NIST SP 800-53, PCI-DSS).
• Oversee the deployment, integration, and configuration of Fortinet security solutions, including complex firewall rule sets, advanced IPSec/SSL VPNs, URL filtering, intrusion prevention, and other security features.
• Develop and maintain robust security policies, procedures, standards, and guidelines related to Fortinet deployments and overall information security posture.
• Ensure ongoing compliance with relevant security standards and regulatory requirements, conducting audits and implementing necessary controls.
• Serve as the highest level of escalation for complex network security issues, providing expert troubleshooting and resolution.
• Provide mentorship and training to junior members of the team, sharing your expertise and fostering their professional growth.
• Lead technical discussions, initiatives, and potentially act as a project leader for large-scale security projects.
• Create and maintain detailed documentation of network security architectures, configurations, policies, and procedures.
• Generate security reports and metrics to demonstrate compliance, highlight risks, and communicate security posture to stakeholders.
• Stay abreast of emerging cybersecurity threats, industry trends, and the latest Fortinet product updates and security features.
• Evaluate new security technologies and approaches to continuously enhance the organization's security capabilities.
•  Develop and enforce network segmentation, access control policies, and traffic filtering strategies.
•  Lead the deployment, configuration, and optimization of on-prem and cloud-based WAF instances (e.g., F5, Cloudflare, Akami, AWS) to provide robust protection for web applications and APIs.
•  Automate the review and audit of enterprise-wide firewall configurations to ensure compliance, optimize security posture, and identify misconfigurations or policy gaps.
•  Develop and execute a comprehensive cybersecurity network strategy that aligns with the organization's goals, identifies potential risks, and incorporates cutting-edge security practices.
•  Create, organize, and maintain comprehensive cybersecurity network documentation, including policies, procedures, and architectural diagrams, to ensure clear communication, knowledge sharing, and adherence to best practices.
•  Generate comprehensive reports to provide insights into network health, incidents, and security performance.
•  Evaluate and implement advanced network security tools and technologies, as well as automate security processes to enhance the organization's overall security posture and efficiency.
•  Represent Cybersecurity Engineering during internal meetings, contribute to organizational presentations where needed, and engage within the business to highlight Cybersecurity Engineering initiatives, and improve the department's overall transparency within the company.
• Perform other duties as assigned.

Knowledge, Skills, and Abilities

• Extensive hands-on experience with Fortinet firewalls, including TLS inspection/DPI and intrusion prevention systems (IPS).
• Proven ability to manage shifting priorities and dynamic workloads while consistently delivering high-quality results within tight deadlines.
• Self-motivated and quick to learn emerging technologies, tools, and methodologies in a fast-paced cybersecurity environment.
• Skilled at translating complex technical concepts into clear, business-relevant language for diverse stakeholders.
• Demonstrated adaptability, strong analytical and problem-solving skills, and meticulous attention to detail.
• Working knowledge of network infrastructure and security monitoring tools to support threat detection and incident response.
• Solid understanding of the software/application development lifecycle and the integration of security principles throughout each phase.
• Proven experience in designing, engineering, and implementing secure network architectures and solutions.
• Capable of identifying vulnerabilities and recommending effective mitigation strategies to reduce risk and strengthen defenses.
• Excellent written and verbal communication and interpersonal skills, with the ability to effectively collaborate with technical and non-technical stakeholders at all levels.
• Proficient in business productivity tools such as Microsoft Word, Excel, Outlook, and PowerPoint for documentation, reporting, and communication.

Minimum Qualifications

• High School or GED
• 10+ years of experience in network security engineering, with a strong focus on Fortinet products and solutions.
• Fortinet Certified Professional or above.
• In addition to the Fortinet certifications, one or more current security, network, and advanced AWS certifications such as:
  • CRISC, GIAC, or equivalent certification
  • AWS Security Specialist or Solutions Architect Professional
  • CCNA, CCNP Security, or equivalent certification
  • Additional Fortinet certifications
• Deep expertise in network security protocols, firewall administration, VPN technologies (IPSec, SSL), intrusion prevention/detection systems (IPS/IDS), and security information and event management (SIEM).
• Strong experience with Fortinet's entire security product portfolio, including FortiGate firewalls, FortiManager, FortiAnalyzer, FortiSwitch, FortiAP, FortiClient EMS, FortiGate APIs, and related technologies.
• Proven experience in designing, implementing, and upgrading complex Fortinet security solutions within large-scale networks.
• In-depth understanding of networking fundamentals (TCP/IP, BGP, OSPF, VLANs, QoS, NAT, DHCP, DNS) with a strong security context.
• Strong analytical, problem-solving, and troubleshooting skills, particularly for complex, multi-component security issues.
• Hands-on experience with enterprise-scale automation initiatives using tools such as Ansible, SaltStack, Python, and PowerShell to streamline security operations and infrastructure management.
• Deep expertise in aligning security practices with regulatory compliance frameworks including PCI-DSS, SOX, FedRAMP, HIPAA, and CJIS, ensuring audit readiness and risk mitigation.
• Strong understanding of network segmentation, access control models, and traffic filtering strategies to enforce least privilege and reduce attack surfaces.
• Highly proficient in advanced online research techniques to rapidly locate, validate, and synthesize technical information (Google-Fu).

Preferred Qualifications

• Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field or equivalent additional years of professional experience.
• 12+ years of experience in network security engineering, with a strong focus on Fortinet products and solutions.
• Fortinet Certified Solutions Specialist or above.
• CISSP certification or equivalent cybersecurity credential demonstrating advanced security expertise.
• Experience with CI/CD pipelines and tooling, including Jira, Confluence, GitLab, and Bitbucket, to support secure and efficient development workflows.
• Exposure to full-stack development environments, contributing to secure coding practices and application architecture.
• Extensive hands-on experience with Splunk for security event monitoring, log analysis, and threat detection.
• CISSP certification or equivalent cybersecurity credential demonstrating advanced security expertise.
• Experience with CI/CD pipelines and tooling, including Jira, Confluence, GitLab, and Bitbucket, to support secure and efficient development workflows.
• Exposure to full-stack development environments, contributing to secure coding practices and application architecture.
• Extensive hands-on experience with Splunk for security event monitoring, log analysis, and threat detection.

Physical Requirements

• While performing the duties of this job, the employee is regularly required to: stand, sit, talk, hear, and use hands and fingers to operate a computer, telephone, and a variety of office equipment.  

• Occasionally may need to reach, stoop, or kneel  

Salary and Benefits:

At Aventiv, our salary and benefits are designed to fit you as a whole person. We offer a salary range based on experience and qualifications to ensure your unique contributions are met with our most competitive offer.

• $151,726.09 - $172,967.74 per year
• Eligible for $255 to purchase company equipment (keyboard, monitor, headset, etc.)
• Health Insurance
• 401(k)
• Disability
• Life Insurance
• Paid Time Off
• Voluntary Benefits

Aventiv Privacy Policy:

www.aventiv.com/privacy

Equal Employment Policy:

Aventiv is proud to be an equal opportunity employer. All decisions regarding recruiting, hiring, promotion, assignment, training, termination and other terms and conditions of employment will be made without regard to race, color, national origin, biological sex, sexual orientation, gender identity, gender expression, gender presentation, religion, age, pregnancy, disability, work-related injury, veteran status, genetic information, marital status, or any other factor that the law protects from employment discrimination. We do not discriminate based on genetic information in accordance with the Genetic Information Nondiscrimination Act.