The main responsibilities of the analyst will be to hunt for advanced threats that could potentially impact our customers and organizations worldwide. This includes hunting for new malware, identifying new and existing campaigns, and tracking and analyzing threat actors to ensure coverage and protections for Fortinet customers. Overall, the analyst will help facilitate and create threat intelligence products such as intelligence briefs, threat signals, playbooks, blogs and other media on a regular basis.
- Coordinate and manage response to breaking threats (Threat Signals), monitor underground forums as well as open-source intelligence outlets for new threats
- Create external facing content (blogs / micro blogs, playbooks, etc.) to promote the FortiGuard Labs brand
- Discover new and unique campaigns that can be leveraged into new research
- Track and analyze adversaries to understand their motivations, working closely with our reverse engineers and data science personnel to create threat intelligence products intended for both internal and external audiences
- Perform initial dynamic reverse engineering of samples and be able to articulate findings
- Be the subject matter expert and provide training and materials to empower and build knowledge to support various groups, such as customer support, sales engineers, and others within Fortinet
- Collaborate closely with the FortiGuard Labs teams and marketing teams, and provide analysis and subject matter expertise on questions coming from various internal teams
- Support existing and new threat intelligence collaborations and relationships (including global CERT) from an analytical standpoint
- Develop longer term threat research to present at public security conferences or private closed sessions
- 5+ years program management experience
- 5 to 8 years experience working inside a threat intelligence or incident response environment preferred
- Understanding of intermediate network topology and fundamental knowledge of Unix and Linux required
- OSINT skills and an ability to think outside of the box when it comes to finding actors, campaigns, and malware
- General understanding of motivations behind known and unknown groups (economic, sociopolitical, etc.)
- Ability to assess and triage reported vulnerabilities (0-days and disclosed)
- Experience with at least one scripting language: Shell, Ruby, Perl, Python, etc.
- Ability to data mine using YARA, RegEx or other techniques to identify new threats
- Experience with threat intelligence tools such as Maltego and Analyst Notebook
- Excellent written and verbal communication skills a must
- Highly motivated, self-driven and able to work both independently and within a team
- Previous experience working within internal PR teams and media
- Candidates with the following skills will be given preferential priority:
- Previous experience managing a vulnerability program (MAPP, etc.)
- Experience dealing with confidential information and material under NDA
- Experience working with C-suite level executives
- Experience working with security teams and vulnerability disclosures
- Experience handling requests from global LEO investigations
- Strong understanding of attacker and defender lifecycles, adversary TTPs and kill chains
- Experience with threat intelligence sharing formats such as STIX and OpenIOC, including MITRE ATT&CK
- Previous experience as a contributing member of a threat intelligence or incident response team
- Bachelor’s Degree in Computer Engineering, Computer Science or related field preferred
Fortinet is an Equal Opportunity employer.
We will only notify shortlisted candidates.
Fortinet will not entertain any unsolicited resumes, please refrain from sending them to any Fortinet employees or Fortinet email aliases.
Should any Agency submit any resumes to Fortinet, these resumes, if considered, will be assumed to have been given by the Agency free of any related fees / charges.
About Us: Fortinet (NASDAQ: FTNT) secures the largest enterprise, service provider, and government organizations around the world. Fortinet empowers its customers with intelligent, seamless protection across the expanding attack surface and the power to take on the ever-increasing performance requirements of the borderless network, today and into the future. Only the Fortinet Security Fabric architecture can deliver security features without compromise to address the most critical security challenges, whether in networked, application, cloud or mobile environments. Fortinet ranks number one in security appliances shipped worldwide, and more than 450,000 customers trust Fortinet to protect their businesses.