Expoint - all jobs in one place

המקום בו המומחים והחברות הטובות ביותר נפגשים

Limitless High-tech career opportunities - Expoint

Fortinet Senior Insider Threat Security Engineer 
United States, California, Sunnyvale 
391339760

15.08.2024

Fortinet is looking for a Senior Insider Threat Security Engineer to join the Corporate Information Security team. This is a highly technical role, and as a senior position, requires extensive knowledge of many domains in the information security and human behavior realms, as well as experienced knowledge of insider threat types, investigative techniques, OSINT, APT and threat actor TTP’s, legal, privacy regulations and social engineering. US Citizen and US based candidate required, prefer multilingual.

Job Summary/Objective:

  • Provide expertise in identifying, assessing, and mitigating insider threats to the organization's information security.
  • Monitor and analyze internal network activity, user behavior, and data access patterns to detect potential insider threats.
  • Collaborate with cross-functional teams to develop strategies and policies for detecting, preventing, and responding to insider threats.

Responsibilities:

  • Conduct ongoing monitoring and analysis of user activity, system logs, and network traffic to detect anomalies and potential insider threats.
  • Investigate suspicious activities, including unauthorized access, data exfiltration, and policy violations, to determine the root cause and assess the level of risk.
  • Develop and maintain insider threat detection strategies, including the use of behavioral analytics, machine learning, and other advanced tools and techniques.
  • Collaborate with internal stakeholders, including IT, HR, legal, and compliance teams, to implement insider threat prevention and response measures.
  • Provide guidance and training to employees on best practices for identifying and reporting potential insider threats.
  • Develop and maintain insider threat incident response plans and procedures, including escalation paths and communication protocols.
  • Stay current on emerging threats, vulnerabilities, and best practices related to insider threats and information security.
  • Participate in cross-functional security assessments, audits, and risk assessments to identify and address insider threat risks.
  • Prepare and present reports and findings to senior management and relevant stakeholders on insider threat trends, incidents, and mitigation efforts.
  • Serve as a subject matter expert on insider threats, providing guidance and support to the organization's security team and leadership.

Qualifications:

  • Bachelor's degree in computer science, information technology, cybersecurity, or related field (advanced degree preferred).
  • 8+ years of experience in information security, public or private sector investigation, with a focus on insider threat detection and mitigation.
  • In-depth knowledge of insider threat indicators, tactics, techniques, and procedures (TTPs).
  • Experience with security information and event management (SIEM) systems, user behavior analytics (UBA), and other insider threat detection technologies.
  • Strong analytical and problem-solving skills, with the ability to interpret complex data and identify actionable insights.
  • Excellent communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams.
  • Relevant certifications such as Certified Insider Threat Analyst (CITA), Certified Information Systems Security Professional (CISSP), or equivalent.

Additional Information:

  • This position may require occasional travel and participation in off-hour global incident and threat response activities.
  • Candidates must be able to pass a background check and adhere to strict confidentiality and ethical standards.

Wage ranges are based on various factors including the labor market, job type, and job level. Exact salary offers will be determined by factors such as the candidate's subject knowledge, skill level, qualifications, experience, and geographic location.