Lead Consultant – FortiGuard Incident Response

🕒 May 15

Apply Now
Find Similar Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Logo of Fortinet

Fortinet

10,000+ employees

🔒 Cybersecurity

☁️ SaaS

🤝 B2B

💰 $6.5M Series B on 2005-01

Cybersecurity • SaaS • B2B

Fortinet is a leading provider of cybersecurity solutions, focusing on securing networks, applications, and data across various environments. The company offers a comprehensive platform that includes advanced threat protection, secure access service edge (SASE), and networking solutions, all integrated into a single point of management. With a commitment to innovation and efficiency, Fortinet serves a wide range of industries, securing over 700,000 enterprise customers and government organizations globally.

📋 Description

• Lead IR engagements and mentoring/training junior analysts • Serve as the primary contact for clients during investigations, delivering clear technical and executive-level updates. • Continue to focus on process improvement for the customer facing incident response services • Conduct host-based analysis and forensic functions on Windows, Linux, and Mac OS X systems • Review firewall, web, database, and other log sources to identify evidence and artifacts of malicious and compromised activity • Leverage our FortiEDR Platform to conduct investigations to rapidly detect and analyze security threats • Perform memory forensics and file analysis as needed • Contribute to threat intelligence consumption and generation within the FortiGuard threat intelligence ecosystem • Perform basic reverse engineering of threat actors’ malicious tools • Develop complete and informative reports and presentations for both executive and technical audience

🎯 Requirements

• Bachelor’s Degree in Computer Engineering, Computer Science or related field • 10+ years’ experience with incident response and or Forensics • Excellent written and verbal communication skills • Experience interfacing with customers • Experience with of at least one scripting language: Shell, Ruby, Perl, Python, etc • Ability to data mine using YARA, RegEx or other techniques to identify new threats • Experienced with EnCase, FTK, X-Ways, SIFT, Splunk, Redline, Volatility, WireShark, TCPDump, and open source forensic tools a plus • Experience with malware analysis tools such as IDA Pro, OllyDbg, Immunity Debugger • Hands-on experience dealing with APT campaigns, attack Tactics, Techniques and Procedures (TTPs), memory injection techniques, static and dynamic malware analysis and malware persistence mechanism • Strong knowledge of operating system internals and endpoint security experience • Able to communicate with both technical and executive personnel • Static and dynamics malware and log analysis • Analysis of Linux and MAC binary files and the understanding of MAC internals is a plus but not required • Highly motivated, self-driven and able to work both independently and within a team • Able to work under pressure in time critical situations and occasional nights and weekends work • A solid understanding of Active Directory and how to secure is a plus

🏖️ Benefits

• Availability during nights/weekends as needed for IR engagements

Apply Now