Deputy General Manager - Cloud & Security Network Operations & Support

Deputy General manager -Fortinet Extended Security Specialist (XDR/EDR/NDR)

Overview

We are seeking a proactive and deeply technical Fortinet Extended Security Specialist to spearhead the deployment, optimization, and daily operation of our Fortinet-centric security ecosystem. The core focus of this role is on End-User and Data Center security, leveraging Extended Detection and Response (XDR), Endpoint Detection and Response (EDR), and Network Detection and Response (NDR) tools to hunt, detect, and neutralize advanced cyber threats. The Senior NOC/SOC Operations Engineer will be responsible for end-to-end management of Fortinet-based security detection and response platforms including XDR (Extended Detection & Response), EDR (Endpoint Detection & Response), and NDR (Network Detection & Response).

This role involves real-time security monitoring, incident detection, investigation, and automated response orchestration across Telco-grade infrastructures. The engineer will work across multiple security layers (endpoint, network, and cloud) to detect, prevent, and remediate advanced threats, ensuring business continuity and compliance with organizational SLAs and regulatory frameworks.

End-User Security Operations Requirements

This role requires the application of a structured, operational approach to security:

• Security Playbook Development:
• Zero Trust Enforcement:
• Vulnerability Management Cycle:
• Reporting and Metrics:

Key Responsibilities

Extended Detection & Response (XDR) Management[Fortinet Security Fabric / FortiXDR]

• Design, implement, and manage the FortiXDR platform to correlate alerts from endpoints, network, and cloud environments.
• Develop custom automation playbooks (SOAR functions) within the Fortinet Security Fabric to orchestrate automated incident response and remediation actions across multiple security products.
• Manage and monitor Fortinet XDR platform integrating data from FortiGate, FortiAnalyzer, FortiEDR, and FortiNDR
• Correlate cross-domain telemetry (endpoint, network, and application) to detect multi-vector threats.
• Implement automated playbooks and response workflows for faster incident containment.
• Fine-tune detection rules, correlation policies, and event suppression logic to reduce false positives.
• Maintain integration with SOAR/SIEM tools (e.g., FortiSIEM, IBM QRadar, Splunk) for event orchestration.
• Tune and maintain the centralized Fortinet management tools (FortiManager/FortiAnalyzer) for logging, reporting, and policy management.

Endpoint Security Operations (EDR) [FortiEDR / FortiClient EMS]

• Deploy, administer, and manage the FortiEDR solution across all enterprise workstations, servers, and virtual desktops.
• Monitor behavioral analytics, malware detections, and exploit prevention events.
• Perform endpoint triage and forensic analysis for incident containment and RCA.
• Coordinate policy updates for exploit mitigation, ransomware protection, and process injection prevention.
• Integrate EDR insights into XDR dashboards and SOC automation workflows.
• Manage security policies, file quarantine, remote shell access, and rollback procedures for malware outbreaks and endpoint compromises.

Network Security & Detection (NDR)[FortiNDR / FortiAnalyzer / FortiGate Analytics]

• Utilize FortiNDR (or related FortiGate/FortiAnalyzer network logs and sensors) to monitor network traffic for anomalies, lateral movement, and command-and-control (C2) activity.
• Manage network-based detection for lateral movement, data exfiltration, and zero-day exploits.
• Monitor and analyze packet capture data, threat signatures, and ML-based anomaly alerts.
• Maintain integration with FortiAnalyzer for flow-based analytics, IOC correlation, and alert enrichment.
• Assist in developing network visibility maps and baselines for anomaly detection.
• Configure deep packet inspection and behavioral analysis rules to detect threats missed by traditional signature-based security controls.
• Integrate network flow data with the XDR platform to enhance the correlation and context of security incidents.

Incident Response and SecOps

• Act as a Incident Responder for complex and persistent threats, leading technical investigation, containment, eradication, and recovery efforts.
• Perform L0L3 security incident management from event triage to resolution.
• Conduct root cause analysis (RCA) for security incidents and generate post-incident reports.
• Work closely with SOC/NOC/Network and Cloud teams for coordinated mitigation.
• Participate in threat hunting and behavioral analytics to identify undetected compromises.
• Support policy and configuration hardening for all Fortinet appliances and endpoints.
• Collaborate with the Security Operations Center (SOC) team to transition high-fidelity alerts into documented and repeatable response playbooks.
• Conduct regular vulnerability assessments on the end-user environment and track remediation efforts.

Key Skills and Qualifications

• Fortinet Expertise
• Deep understanding of EDR/XDR/NDR
• Cyber security concepts
• OS
• Automation &Scripting

Certification Details

Desirable

Fortinet Certified Professional (FCP) - Security Operations

Fortinet Certified Solution Specialist (FCSS) - Security Operations

Fortinet NSE 6 - FortiEDR Administrator Fortinet NSE 6 - FortiAnalyzer Administrator

Certified Information Systems Security Professional (CISSP) or CompTIA Security+