Lead Consultant (Fortiguard Incident Response) - Apac

Lead Consultant (FortiGuard Incident Response) - APACSkip to content
Security (Information & Communication Technology)
Full time
Add expected salary to your profile for insights
Join Fortinet, a cybersecurity pioneer with over two decades of excellence, as we continue to shape the future of cybersecurity and redefine the intersection of networking and security. At Fortinet, our mission is to safeguard people, devices, and data everywhere. We are currently seeking a dynamic Lead Consultant (FortiGuard Incident Response) to contribute to the success of our rapidly growing business.
You will work directly with members of a world class incident response and forensics team. Our team is comprised of individuals with strong knowledge in malware hunting and analysis, reverse engineering, multiple scripting languages, forensics and threat actors TTPs.
As a Lead Consultant (FortiGuard Incident Response), you will:
Lead IR engagements and mentoring/training junior analysis.
Continue to focus on process improvement for the customer facing incident response services.
Conducthost-based analysis and forensic functions on Windows, Linux, and Mac OS X systems.
Review firewall, web, database, and other log sources to identify evidence and artifacts of malicious and compromised activity.
Leverage our FortiEDR Platform to conduct investigations to rapidly detect and analyze security threats.
Preform basic reverse engineering of threat actor's malicious tools.
Develop complete and informative reports and presentations for both executive and technical audience.
Availability during nights/weekends as needed for IR engagements.
Perform memory forensicsand file analysis as needed.
Monitor underground forums, our FortiGuard Threat Labs, along with other open-source intelligence outlets to maintain proficiency in latest actor tactics and techniques.
We Are Looking For:
An insightful and influential collaborator to join our team. We encourage you to apply for this position if you have the following qualities:
Experience with of at least one scripting language: Shell, Ruby, Perl, Python, etc.
Ability to data mine using YARA, RegEx or other techniques to identify new threats.
Experienced with EnCase, FTK, X-Ways, SIFT, Splunk, Redline, Volatility, WireShark, TCPDump, and open source forensic tools a plus.
Experience with malware analysis tools such as IDA Pro, OllyDbg, Immunity Debugger.
Hands-on experience dealing with APT campaigns, attack Tactics, Techniques and Procedures (TTPs), memory injection techniques, static and dynamic malware analysis and malware persistence mechanism.
Strong knowledge of operating system internals and endpoint security experience.
Able to communicate with both technical and executive personnel.
Static and dynamics malware and log analysis.
Excellent written and verbal communication skills a must.
Reading and writing skills of non-English languages such as Chinese and Russian a plus.
Analysis of Linux and MAC binary files and the understanding of MAC internals is a plus but not required.
Highly motivated, self-driven and able to work both independently and within a team.
Able to work under pressure in time critical situations and occasional nights and weekends work.
A good understanding of Active Directory a plus.
Bachelor's Degree in Computer Engineering, Computer Science or related field.
Or 10+ years' experience with incident response and or Forensics.
Why Join Us:
At Fortinet, we embrace diversity and inclusivity. We encourage applications from diverse backgrounds and identities. Explore our welcoming work environment designed for a rewarding career journey with an attractive Total Rewards package to support you with your overall health and financial well-being. Join us in bringing solutions that make a meaningful and lasting impact to our 660,000+ customers around the globe.
We will only notify shortlisted candidates.
Fortinet will not entertain any unsolicited resumes, please refrain from sending them to any Fortinet employees or Fortinet email aliases. Should any Agency submit any resumes to Fortinet, these resumes if considered, will be assumed to have been given by the Agency free of any related fees/charges.
#LI-JC1
Location: Malaysia (Kuala Lumpur), Hong Kong, Singapore
Join Fortinet, a cybersecurity pioneer with over two decades of excellence, as we continue to shape the future of cybersecurity and redefine the intersection of networking and security. At Fortinet, our mission is to safeguard people, devices, and data everywhere. We are currently seeking a dynamic Lead Consultant (FortiGuard Incident Response) to contribute to the success of our rapidly growing business.
You will work directly with members of a world class incident response and forensics team. Our team is comprised of individuals with strong knowledge in malware hunting and analysis, reverse engineering, multiple scripting languages, forensics and threat actors TTPs.
As a Lead Consultant (FortiGuard Incident Response), you will:
Lead IR engagements and mentoring/training junior analysis.
Continue to focus on process improvement for the customer facing incident response services.
Conducthost-based analysis and forensic functions on Windows, Linux, and Mac OS X systems.
Review firewall, web, database, and other log sources to identify evidence and artifacts of malicious and compromised activity.
Leverage our FortiEDR Platform to conduct investigations to rapidly detect and analyze security threats.
Preform basic reverse engineering of threat actor's malicious tools.
Develop complete and informative reports and presentations for both executive and technical audience.
Availability during nights/weekends as needed for IR engagements.
Perform memory forensicsand file analysis as needed.
Monitor underground forums, our FortiGuard Threat Labs, along with other open-source intelligence outlets to maintain proficiency in latest actor tactics and techniques.
We Are Looking For:
An insightful and influential collaborator to join our team. We encourage you to apply for this position if you have the following qualities:
Experience with of at least one scripting language: Shell, Ruby, Perl, Python, etc.
Ability to data mine using YARA, RegEx or other techniques to identify new threats.
Experienced with EnCase, FTK, X-Ways, SIFT, Splunk, Redline, Volatility, WireShark, TCPDump, and open source forensic tools a plus.
Experience with malware analysis tools such as IDA Pro, OllyDbg, Immunity Debugger.
Hands-on experience dealing with APT campaigns, attack Tactics, Techniques and Procedures (TTPs), memory injection techniques, static and dynamic malware analysis and malware persistence mechanism.
Strong knowledge of operating system internals and endpoint security experience.
Able to communicate with both technical and executive personnel.
Static and dynamics malware and log analysis.
Excellent written and verbal communication skills a must.
Reading and writing skills of non-English languages such as Chinese and Russian a plus.
Analysis of Linux and MAC binary files and the understanding of MAC internals is a plus but not required.
Highly motivated, self-driven and able to work both independently and within a team.
Able to work under pressure in time critical situations and occasional nights and weekends work.
A good understanding of Active Directory a plus.
Bachelor's Degree in Computer Engineering, Computer Science or related field.
Or 10+ years' experience with incident response and or Forensics.
Why Join Us:
At Fortinet, we embrace diversity and inclusivity. We encourage applications from diverse backgrounds and identities. Explore our welcoming work environment designed for a rewarding career journey with an attractive Total Rewards package to support you with your overall health and financial well-being. Join us in bringing solutions that make a meaningful and lasting impact to our 660,000+ customers around the globe.
We will only notify shortlisted candidates.
Fortinet will not entertain any unsolicited resumes, please refrain from sending them to any Fortinet employees or Fortinet email aliases. Should any Agency submit any resumes to Fortinet, these resumes if considered, will be assumed to have been given by the Agency free of any related fees/charges.
#LI-JC1
Fortinet makes possible a digital world that we can always trust through its mission to protect people, devices, and data everywhere. This is why the world's largest enterprises, service providers, and government organizations choose Fortinet to securely accelerate their digital journey. The Fortinet Security Fabric platform delivers broad, integrated, and automated protections across the entire digital attack surface, securing critical devices, data, applications, and connections from the data center to the cloud to the home office. Ranking #1 in the most security appliances shipped worldwide, more than 615,000 customers trust Fortinet to protect their businesses. And the Fortinet NSE Training Institute, an initiative of Fortinet's Training Advancement Agenda (TAA), provides one of the largest and broadest training programs in the industry to make cyber training and new career opportunities available to everyone.
How do your skills match this job?How do your skills match this job? Sign in and update your profile to get insights.
Fortinet (NASDAQ: FTNT) is a worldwide provider of network security appliances and the market leader in unified threat management (UTM). Our products and subscription services provide broad, integrated and high-performance protection against dynamic security threats while simplifying the IT security infrastructure. Our customers include enterprises, service providers and government entities worldwide, including the majority of the 2009 Fortune Global 100. Fortinet's flagship FortiGate product delivers ASIC-accelerated performance and integrates multiple layers of security designed to help protect against application and network threats. Fortinet's broad product line goes beyond UTM to help secure the extended enterprise - from endpoints, to the perimeter and the core, including databases and applications. Fortinet is headquartered in Sunnyvale, Calif., with offices around the world.
History
Fortinet was founded in 2000 by Ken Xie, the visionary founder and former president and CEO of NetScreen, later sold to Juniper for more than $3.5 billion. The company is privately held and headquartered in Sunnyvale, California, with customer support, development and sales facilities throughout North America, Europe and Asia to ensure continuous customer success. Our management team is unmatched in experience within the network security marketspace and has received the largest amount of industry awards from business and trade publishing organizations. The company's position as the leading privately-held network security systems supplier has been validated by approximately $100 million in funding from the industry's leading venture capital firms. Fortinet sells its system and subscription service products through a network of selected system and distributors and resellers worldwide. Our thousands of global customers include service providers, enterprises and small businesses.
Product & Services
Fortinet's flagship FortiGate security platforms offer a powerful blend of ASIC-accelerated performance, integrated multi-threat response, and constantly-updated, in-depth threat intelligence. Employing innovative technologies for networking, security and content analysis, Fortinet systems integrate the industry's broadest suite of security technologies, including firewall, VPN, antivirus, intrusion prevention (IPS), Web filtering, antispam, and traffic shaping, all of which can be deployed individually to complement legacy solutions or combined for a comprehensive threat management solution. The company complements these solutions with an array of management, analysis, e-mail, database and end-point security products.
Fortinet (NASDAQ: FTNT) is a worldwide provider of network security appliances and the market leader in unified threat management (UTM). Our products and subscription services provide broad, integrated and high-performance protection against dynamic security threats while simplifying the IT security infrastructure. Our customers include enterprises, service providers and government entities worldwide, including the majority of the 2009 Fortune Global 100. Fortinet's flagship FortiGate product delivers ASIC-accelerated performance and integrates multiple layers of security designed to help protect against application and network threats. Fortinet's broad product line goes beyond UTM to help secure the extended enterprise - from endpoints, to the perimeter and the core, including databases and applications. Fortinet is headquartered in Sunnyvale, Calif., with offices around the world.
History
Fortinet was founded in 2000 by Ken Xie, the visionary founder and former president and CEO of NetScreen, later sold to Juniper for more than $3.5 billion. The company is privately held and headquartered in Sunnyvale, California, with customer support, development and sales facilities throughout North America, Europe and Asia to ensure continuous customer success. Our management team is unmatched in experience within the network security marketspace and has received the largest amount of industry awards from business and trade publishing organizations. The company's position as the leading privately-held network security systems supplier has been validated by approximately $100 million in funding from the industry's leading venture capital firms. Fortinet sells its system and subscription service products through a network of selected system and distributors and resellers worldwide. Our thousands of global customers include service providers, enterprises and small businesses.
Product & Services
Fortinet's flagship FortiGate security platforms offer a powerful blend of ASIC-accelerated performance, integrated multi-threat response, and constantly-updated, in-depth threat intelligence. Employing innovative technologies for networking, security and content analysis, Fortinet systems integrate the industry's broadest suite of security technologies, including firewall, VPN, antivirus, intrusion prevention (IPS), Web filtering, antispam, and traffic shaping, all of which can be deployed individually to complement legacy solutions or combined for a comprehensive threat management solution. The company complements these solutions with an array of management, analysis, e-mail, database and end-point security products.
Be careful This job ad has not been subjected to our hirer verification process. Proceed cautiously and do your own checks before providing any personal information. Learn how to protect yourself Report this job adYour email addressReason for reporting jobAdditional commentsTo help fast track investigation, please include here any other relevant details that prompted you to report this job ad as fraudulent / misleading / discriminatory.#J-18808-Ljbffr