Fortinet (NASDAQ: FTNT) protects the most valuable assets of some of the largest enterprise, service provider and government organizations across the globe. The company's fast, secure and global cyber security solutions provide broad, high-performance protection against dynamic security threats while simplifying the IT infrastructure. They are strengthened by the industry's highest level of threat research, intelligence and analytics. Unlike pure-play network security providers, Fortinet can solve organizations' most important security challenges, whether in networked, application or mobile environments - be it virtualized/cloud or physical. More than 210,000 customers worldwide, including some of the largest and most complex organizations, trust Fortinet to protect their brands. Learn more at http://www.fortinet.com, the Fortinet Blog or FortiGuard Labs.
Our Team of experts at Fortinet is looking for a Threat Intelligence Expert to work in a dynamic and exciting new position within the FortiGuard Threat Intelligence group. The Intelligence Expert’s main responsibilities will be data mining a plethora of information from multiple sources. This includes big data - global and regional trends based on unique intelligence served up from Fortinet’s global intelligence network, as well as specific data on regional and low volume levels.
They will also work directly with our MVRT (Malware & Vulnerability Research Team) to track and promote new technical research on breaking threats, from advanced persistent threats to exploits. The expert will use multiple systems to correlate and weave data. This includes FortiSandbox data.
The role reports into the Security Strategy organization and will work with both the FortiGuard SE evangelist team along with the Cyber Threat Response unit. The Intelligence Expert will also work with our FortiGuard Tools team to manage ingest and export of threat intelligence exchange feeds, using protocols such as STIX/TAXII. FortiGuard Services offer broad security solutions including antivirus, intrusion prevention, Web content filtering and anti-spam capabilities. These services help protect against threats on both application and network layers. FortiGuard Services are updated by FortiGuard Labs, which enables Fortinet to deliver a combination of multi-layered security intelligence and zero-day protection from new and emerging threats. FortiGuard Labs has experts in cyber threat response and analysis worldwide.
Responsibilities:
• Perform research and analysis of malware, security threats and vulnerabilities, including statistical views
• Query and analyze threat trend analysis data, IOC (indicators of compromise) from multiple database sources
  o Includes global threat sensor data and internal research environments
  o Includes FortiSandbox data
• Participate in industry forums such as OASIS Cyber Threat Intelligence Technical Committee
• Collaborate closely with the MVRT team (AV/IPS) to digest ongoing research into threat intelligence data that can be sent to the threat report and rapid response team
• Collaborate closely with the cyber threat response, threat marketing group; pass analyzed data for the team to write and report on for breaking threats
• Support ingest of threat intelligence information, facilitate relationships to appropriate departments
• Perform evaluation of 3rd party threat intelligence feeds and how they would complement FortiGuard
• Demonstrate FortiGuard security concepts in relation to Fortinet product, most importantly APT
• Support existing and new threat intelligence collaborations & relationships (including global CERT) from a technical standpoint – ensure data flow and structure is functioning as needed
• Carry quarterly and annual revenue targets that are linked to a variable bonus
Required Skills
• Hands-on experience in database design/operation/maintenance and MySQL
• Big data hands-on experience required (Apache Hadoop, Spark, NoSQL, etc)
• Deep appreciation and understanding of how web services work together, including HTTP, REST, XMLRPC, JSON and preferably STIX/TAXII
• Data visualization experience (Tableau, Qlikview, etc)
• Experience with at least one scripting language: Shell, Ruby, Perl, Python, etc
  o Further development skills (C/C++) an asset
• Familiar understanding of malware and sandbox concepts
• Familiar understanding of security vulnerability and exploit lifecycle
• Networking concepts and Linux system administration skills
• Clear understanding of competitive landscape and differentiators in regard to APT defense
• Statistical and quantitative analysis (R, Matlab, SAS, Stata, etc) is a very strong asset
• Comprehensive understanding of machine learning concepts is a strong asset
• Highly motivated and responsible quick learner
Education:
• Bachelor’s Degree in Computer Engineering, Computer Science or related field