Senior Security Engineer

Join Fortinet, a cybersecurity pioneer with over two decades of excellence, as we continue to shape the future of cybersecurity and redefine the intersection of networking and security. At Fortinet, our mission is to safeguard people, devices, and data everywhere. We are currently seeking a dynamic Senior Security Engineer to contribute to the success of our rapidly growing business.

You would act as Senior Security Engineer for Corporate Information Security Team. This is a highly technical role, and as a senior position, requires extensive knowledge of many domains in the information security and IT management realm, as well as deep and wide knowledge of threat hunting and incident response processes and techniques, the Fortinet fabric, applications, and products.  This position will entail API scripting and script-based integration between various products and data sources/sinks. Candidate must be able to participate in security infrastructure design and maintenance including hardware racking and troubleshooting in our US based datacenters.

As a Senior Security Engineer, your responsibilities will include:

• Connect data sources and sinks in the various infosec platforms and tools to improve, scale and streamline Security Operations, Threat Hunting, Incident Response, and compliance reporting workflows across the CIS team.
• Improve CIS systems usability and utility for the entire CIS team.
• Serve as an internal subject matter expert to assess cyber threats and to secure the organization by leading in IR, TH, re-architecture, and remediation efforts.
• Understand and improve the completeness and visibility of global log/event data while delivering useful dashboards, alerts and automation integration to the IR, TH, and SOC teams.
• Maintain and improve infosec systems to provide maximum uptime, scalability, continuity, functionality, and integration with the Fortinet Security Fabric and third-party/fabric-partner tools.
• Identify gaps in infosec infrastructure security visibility, working with internal teams and developers to remedy and improve our systems and products. 
• Perform Blue/Red exercises against our infrastructure to validate event parsing, alerting fidelity, incident veracity and SOC response.
• Work with SOC team to identify visibility gaps, system usability issues, and to deliver infosec tooling improvements via configuration, parser improvement, or by raising bugs and NFR’s to development teams.
• Develop, implement, and communicate vulnerability mitigation strategies to IT and development teams
• Identify, document, and monitor tactics, techniques, and procedures used by threat actors targeting Fortinet and the broader industry. Proactively research new attack vectors that may affect Fortinet infrastructure and applications.
• Develop strategies, evaluate solutions, design, and implement tools, processes, and controls to validate and ensure that security and privacy are designed into Fortinet infrastructure and applications while adhering to policy, compliance, and governance requirements.
• Be part of a global distributed team to share knowledge, workload, and assignments. Strong sense of teamwork is required. Cross train with peers in security concepts and best practices.  A hunger for knowledge sharing and growth are essential in this team.

 

We are looking for: 

• 8+ years of work experience in infosec, with preference for candidates adept with SOC tools such as FortiSOAR, FortiSIEM, FortiClient, FortiEDR and working knowledge of other core Fortinet products.
• 4+ years of experience with penetration and vulnerability testing, blue/red teaming, IR.
• Practical understanding of tactical application of various compliance frameworks including monitoring and validating compliance.
• Strong understanding of computer and network security, protocols, packet analysis, authentication & authorization, security protocols and attack methods.
• Proven programming/scripting experience with the ability to develop custom scripts to automate or simplify tasks and data gathering/munging.
• Experience with vulnerability scanners like Qualys, Tenable/Nessus, Nexpose, Whitehat Sentinel, Acunetix or similar.
• Experience with forensic data capture, evidence preservation and data extraction and analysis.
• Proficiency with administrative operation, configuration, and debugging/troubleshooting of Linux, Windows, MacOS, Active Directory, Exchange etc. and SSO/MFA technologies.
• Ability to organize & communicate effectively, both written and verbal, with technical and non-technical people across functional teams.
• A BS degree in Computer Science, Cyber Security, other tech-related degree, or equivalent experience.
• CISSP, NSE or similar certification or proven knowledge and experience.

 

About Our Team:

Join our team, known for its collaborative ethos, working seamlessly with global customers, internal engineering teams and product development groups. Our team culture emphasizes continuous learning, innovation, and a strong commitment to customer satisfaction. We embrace Fortinet’s core values of openness, teamwork and innovation, fostering an environment where team members support each other, share knowledge, and leverage AI to solve complex technical challenges. Our inclusive and dynamic team thrives on collaboration and is driven by the shared goal of maintaining Fortinet’s high standards of excellence in cybersecurity solutions.

Why Join Us:

We encourage candidates from all backgrounds and identities to apply. We offer a supportive work environment and a competitive Total Rewards package to support you with your overall health and financial well-being. 

Embark on a challenging, enjoyable, and rewarding career journey with Fortinet. Join us in bringing solutions that make a meaningful and lasting impact to our 660,000+ customers around the globe.

 

The US base salary range for this full-time position is $140,000 - $170,000. Fortinet offers employees a variety of benefits, including medical, dental, vision, life and disability insurance, 401(k), 11 paid holidays, vacation time, and sick time as well as a comprehensive leave program.

Wage ranges are based on various factors including the labor market, job type, and job level. Exact salary offers will be determined by factors such as the candidate's subject knowledge, skill level, qualifications, experience, and geographic location.

All roles are eligible to participate in the Fortinet equity program, Bonus eligibility is reviewed at time of hire and annually at the Company’s discretion.

#GD

Join Fortinet, a cybersecurity pioneer with over two decades of excellence, as we continue to shape the future of cybersecurity and redefine the intersection of networking and security. At Fortinet, our mission is to safeguard people, devices, and data everywhere. We are currently seeking a dynamic Senior Security Engineer to contribute to the success of our rapidly growing business.