Fortinet · 8 hours ago
Lead Consultant – FortiGuard Incident Response
Cyber Security · Mobile
Responsibilities
Lead IR engagements and mentor/train junior analysts
Continue to focus on process improvement for the customer-facing incident response services
Conduct host-based analysis and forensic functions on Windows, Linux, and Mac OS X systems
Review firewall, web, database, and other log sources to identify evidence and artifacts of malicious and compromised activity
Leverage our FortiEDR Platform to conduct investigations to rapidly detect and analyze security threats
Perform basic reverse engineering of threat actors’ malicious tools
Develop complete and informative reports and presentations for both executive and technical audiences
Availability during nights/weekends as needed for IR engagements
Perform memory forensics and file analysis as needed
Monitor underground forums, our FortiGuard Threat Labs, and other open-source intelligence outlets to maintain proficiency in the latest actor tactics and techniques
Qualification
Required
Experience with at least one scripting language: Shell, Ruby, Perl, Python, etc.
Ability to data mine using YARA, RegEx or other techniques to identify new threats
Experience with EnCase, FTK, X-Ways, SIFT, Splunk, Redline, Volatility, Wireshark, tcpdump, and open-source forensic tools is a plus
Experience with malware analysis tools such as IDA Pro, OllyDbg, Immunity Debugger
Hands-on experience dealing with APT campaigns, attack Tactics, Techniques and Procedures (TTPs), memory injection techniques, static and dynamic malware analysis, and malware persistence mechanisms
Strong knowledge of operating system internals and endpoint security experience.
Able to communicate with both technical and executive personnel
Static and dynamic malware and log analysis
Excellent written and verbal communication skills are a must
Highly motivated, self-driven and able to work both independently and within a team
Able to work under pressure in time-critical situations, with occasional night and weekend work
Bachelor’s Degree in Computer Engineering, Computer Science or related field
Or 10+ years’ experience with incident response and/or forensics
Preferred
Analysis of Linux and Mac binary files and an understanding of Mac internals is a plus but not required.
A good understanding of Active Directory is a plus
Company
Fortinet
Fortinet is a provider of network security appliances that include firewalls, security gateways, and complementary products.
H1B Sponsorship
Fortinet has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data powered by the US Department of Labor)
Trends of Total Sponsorships
2023 (124)
2022 (177)
2021 (150)
2020 (157)
Funding
Current Stage: Public Company
Total Funding: $89M
Key Investors: Meritech Capital Partners, DEFTA Partners
2009-11-18: IPO
2004-03-02: Series Unknown · $50M
2003-08-29: Series Unknown · $30M
Company data provided by crunchbase