Fortinet (NASDAQ: FTNT) protects the most valuable assets of some of the largest enterprise, service provider and government organizations across the globe. The company's fast, secure and global cyber security solutions provide broad, high-performance protection against dynamic security threats while simplifying the IT infrastructure. They are strengthened by the industry's highest level of threat research, intelligence and analytics. Unlike pure-play network security providers, Fortinet can solve organizations' most important security challenges, whether in networked, application or mobile environments - be it virtualized/cloud or physical. More than 210,000 customers worldwide, including some of the largest and most complex organizations, trust Fortinet to protect their brands. Learn more at http://www.fortinet.com, the Fortinet Blog or FortiGuard Labs.
Fortinet is searching for a Senior Data Scientist to work in a dynamic and exciting new position within the FortiGuard Security Strategy Group (FSSG), office of the CISO. The Data Scientist's main responsibilities will be data mining a plethora of information from FortiGuard Labs. This includes big data - global and regional trends based on unique intelligence served up from Fortinet's global intelligence network, as well as specific data on regional and low volume levels. Other analysis projects include support for industry relationships like the Cyber Threat Intelligence Alliance. They will work directly with backend FortiGuard and FortiGuard SE teams to track and promote new discoveries based off the Data Scientist's analysis and threat illumination. The scientist will use multiple systems to correlate data while threat hunting. This includes FortiSandbox data and other backend research systems.
The role reports into the Security Strategy organization, office of the CISO. The Data Scientist will also work with our FortiGuard tools team and Security Orchestrator in order to ingest new threat intelligence feeds for our scientific analysis and evaluation, as well as export specific data sets based off filtered queries of interesting data including vertical specific information.
FortiGuard Services offer broad security solutions including antivirus, intrusion prevention, web content filtering and anti-spam capabilities. These services help protect against threats on both application and network layers. FortiGuard Services are updated by FortiGuard Labs, which enables Fortinet to deliver a combination of multi-layered security intelligence and zero-day protection from new and emerging threats. FortiGuard Labs has experts in cyber threat response and analysis worldwide.
- query and analyze threat trend analysis data, IOC (indicators of compromise) from multiple sources: global threat sensor data and internal research environments, FortiGuard TIS services and Cyber Threat Alliance, FortiSandbox
- Contextualize data based off threat discoveries (STIX profiles, correlation, mapping threat actor groups)
- create new views and queries that can be used for automation of intelligence reports
- publish trend and statistical views based off analysis and discoveries (threat illumination)
- participate in industry forums
- collaborate closely with Security Strategy & FortiGuard Labs analysis team (AV/IPS/WF) to correlate additional research into threat intelligence data that can be used for threat reporting and other research channels
- perform evaluation of 3rd party threat intelligence feeds and how they would complement FortiGuard
- support existing and new threat intelligence collaborations and relationships (including global CERT) from a technical standpoint - ensure data flow and structure is functioning as needed
- carry quarterly and annual revenue targets linked to commission structure that support FortiGuard SE team
- hands on experience in database design/operation/maintenance, MySQL, PostgreSQL
- big data hands on experience required (Apache Hadoop, Spark, NoSQL, etc) along with data mining
- deep appreciation and understanding of how web services work together (includes HTTP, REST, XMLRPC, JSON and preferably STIX/TAXII)
- data visualization experience (Tableau, Qlikview, etc)
- experience in at least one of: shell, ruby, python, perl, etc. (C, C++ an asset)
- familiar understanding of malware and sandbox concepts
- familiar understanding of security vulnerability and exploit lifecycle
- networking concepts and Linux system administration skills
- clear understanding of competitive landscape and differentiators in regard to APT defense
- statistical and quantitative analysis (R, Matlab, SAS, Stata, etc) is a very strong asset
- comprehensive understanding of machine learning concepts is a strong asset
- highly motivated and responsible quick learner
- bachelor's degree in computer engineering, computer science, engineering or related experience and education