Fortinet Senior Security Engineer 

United States, California, Sunnyvale 

444606756

As a Senior Security Engineer, your responsibilities will include:

• Connect data sources and sinks in the various infosec platforms and tools to improve, scale and streamline Security Operations, Threat Hunting, Incident Response, and compliance reporting workflows across the CIS team.
• Improve CIS systems usability and utility for the entire CIS team.
• Serve as an internal subject matter expert to assess cyber threats and to secure the organization by leading in IR, TH, re-architecture, and remediation efforts.
• Understand and improve the completeness and visibility of global log/event data while delivering useful dashboards, alerts and automation integration to the IR, TH, and SOC teams.
• Maintain and improve infosec systems to provide maximum uptime, scalability, continuity, functionality, and integration with the Fortinet Security Fabric and third-party/fabric-partner tools.
• Identify gaps in infosec infrastructure security visibility, working with internal teams and developers to remedy and improve our systems and products.
• Perform Blue/Red exercises against our infrastructure to validate event parsing, alerting fidelity, incident veracity and SOC response.
• Work with SOC team to identify visibility gaps, system usability issues, and to deliver infosec tooling improvements via configuration, parser improvement, or by raising bugs and NFR’s to development teams.
• Develop, implement, and communicate vulnerability mitigation strategies to IT and development teams
• Identify, document, and monitor tactics, techniques, and procedures used by threat actors targeting Fortinet and the broader industry. Proactively research new attack vectors that may affect Fortinet infrastructure and applications.
• Develop strategies, evaluate solutions, design, and implement tools, processes, and controls to validate and ensure that security and privacy are designed into Fortinet infrastructure and applications while adhering to policy, compliance, and governance requirements.
• Be part of a global distributed team to share knowledge, workload, and assignments. Strong sense of teamwork is required. Cross train with peers in security concepts and best practices. A hunger for knowledge sharing and growth are essential in this team.

We are looking for:

• 8+ years of work experience in infosec, with preference for candidates adept with SOC tools such as FortiSOAR, FortiSIEM, FortiClient, FortiEDR and working knowledge of other core Fortinet products.
• 4+ years of experience with penetration and vulnerability testing, blue/red teaming, IR.
• Practical understanding of tactical application of various compliance frameworks including monitoring and validating compliance.
• Strong understanding of computer and network security, protocols, packet analysis, authentication & authorization, security protocols and attack methods.
• Proven programming/scripting experience with the ability to develop custom scripts to automate or simplify tasks and data gathering/munging.
• Experience with vulnerability scanners like Qualys, Tenable/Nessus, Nexpose, Whitehat Sentinel, Acunetix or similar.
• Experience with forensic data capture, evidence preservation and data extraction and analysis.
• Proficiency with administrative operation, configuration, and debugging/troubleshooting of Linux, Windows, MacOS, Active Directory, Exchange etc. and SSO/MFA technologies.
• Ability to organize & communicate effectively, both written and verbal, with technical and non-technical people across functional teams.
• A BS degree in Computer Science, Cyber Security, other tech-related degree, or equivalent experience.
• CISSP, NSE or similar certification or proven knowledge and experience.

We encourage candidates from all backgrounds and identities to apply. We offer a supportive work environment and a competitive Total Rewards package to support you with your overall health and financial well-being.

Wage ranges are based on various factors including the labor market, job type, and job level. Exact salary offers will be determined by factors such as the candidate's subject knowledge, skill level, qualifications, experience, and geographic location.