You're using an older version of Internet Explorer that is no longer supported. Please update your browser.

Compliance Analyst

Ottawa, ON
Full Time
6 days ago
FIPS 140-2 and Common Criteria Compliance Analyst

Join our certification team to help manage certification projects and project deliverables, determine product requirements and develop certification related documentation (mainly FIPS 140-2 and Common Criteria) for Fortinet's products. Must be able to effectively manage multiple projects, keep stakeholders informed of project plans, and manage communication between stakeholders, testing organizations and Fortinet hardware and software developers. Product management and/or project management experience, understanding of network security, cryptography, and testing methodologies is an asset.

Job Responsibilities
    • Research certification requirements and translate them into product specific requirements and roadmaps • Create (author) documentation as required to support certification projects (e.g. FIPS Security Policies, entropy assessments, technotes, etc) • Assist the certification team with FIPS, Common Criteria and other certification projects • Product testing related to certification requirements and interoperability • Work with certification bodies, 3rd party test labs, , and internal Fortinet teams to coordinate activities • Support sales teams as a certifications subject matter expert

Job Skills Required

3-5 years' experience in or with one or more of the following:
    • FIPS 140-2/3 and Common Criteria certifications • Product management in a hi-tech environment • Technical writing and documentation creation • Security products such as firewalls, VPN/AS/AV/IPS appliances • Quality assurance testing

    • Experience with PKI infrastructure and X.509 certificates • General or specific knowledge of cryptography, cryptographic algorithms and protocols • Hands on experience with firewall policy configuration, IKE/IPSec VPN, SSL VPN, WiFi • Experience with threat analysis techniques or concepts • C/C++ coding experience • Experience with other certification standards or programs such as ICSA, IPv6, FCC, NEBS, etc.

Educational Requirements

Relevant University Degree/ College Diploma or equivalent experience


Quality Assurance