Job Description

Fortinet

Fortinet delivers cybersecurity everywhere you need it. We secure the entire digital attack surface from devices, data, and apps and from data center to home office.

The Product Security Incident Response Team is looking for a Senior Security Researcher, to research & discover security vulnerabilities in Fortinet products.

Responsibilities:

• Discover new Exploitation Techniques or Attack Vectors.
• Discover new Exploits/Vulnerabilities.
• Perform Source Code Review to identify potential security flaws.
• Write Proof of Concept exploits for vulnerabilities discovered using SAST/DAST.
• Work with development team to fix the discovered vulnerabilities.
• Analyze new attacks, attack surfaces.
• Stay up to date on the latest exploitation techniques.

Requirements:

• At least 3 years of experience in Security or Vulnerability Research.
• Reverse engineering experience including binary analysis, and firmware analysis (using binwalk or other). Prior experience with dynamic analysis debuggers (e.g. OllyDBG, WinDBG), disassemblers or decompilers (e.g. IDA Pro).
• Penetration testing web application and attack analysis experience using tools including Burp Suite, Fiddler, or Metasploit, etc.
• Experience in Source Code Analysis using tools like Coverity, Blackduck, Checkmarx, etc.
• Experience in writing Proof of Concept exploits for vulnerabilities discovered using DAST/SAST.
• Familiar with Top Web Application Security Risks/Vulnerabilities and attack techniques in MITRE ATT&CK matrix.
• Familiar with Database languages.
• Familiar with popular Web Server software (e.g. Nginx, Apache, IIS) and Web Application Frameworks.
• Knowledge of OS Internals & networking protocols such as TCP/IP, DNS, Scada, IoT, etc.
• Self-directed, Self-motivated with the ability to work with minimal supervision and be productive.
• Good communication skills and a team player.
• Proven analytical and problem solving skills and out-of-the-box thinking.
• CTF, Bug-Bounty or proven Multiple public records of Vulnerability Disclosure (e.g. CVEs) is a strong plus.

Education:

• Bachelor or Master of Computer Science or Electrical/Computer Engineering.

The US base salary range for this full-time position is $130,000-$160,000. Fortinet offers employees a variety of benefits, including medical, dental, vision, life and disability insurance, 401(k), 11 paid holidays, vacation time, and sick time as well as a comprehensive leave program.

Wage ranges are based on various factors including the labor market, job type, and job level. Exact salary offers will be determined by factors such as the candidate's subject knowledge, skill level, qualifications, experience, and geographic location.

All roles are eligible to participate in the Fortinet equity program. Bonus eligibility is reviewed at time of hire and annually at the Company’s discretion.

Why Join Us:
We encourage candidates from all backgrounds and identities to apply. We offer a supportive work environment and a competitive Total Rewards package to support you with your overall health and financial well-being. Embark on a challenging, enjoyable, and rewarding career journey with Fortinet. Join us in bringing solutions that make a meaningful and lasting impact to our 660,000+ customers around the globe.

Fortinet (NASDAQ: FTNT) secures the largest enterprise, service provider, and government organizations around the world. Fortinet empowers its customers with intelligent, seamless protection across the expanding attack surface and the power to take on ever-increasing performance requirements of the borderless network - today and into the future. Only the Fortinet Security Fabric architecture can deliver security without compromise to address the most critical security challenges, whether in networked, application, cloud or mobile environments. Fortinet ranks number one in the most security appliances shipped worldwide and more than 500,000 customers trust Fortinet to protect their businesses.

We are committed to providing reasonable accommodations for all qualified individuals with disabilities. If you require assistance or accommodation due to a disability, please contact us at accommodations@fortinet.com.

Fortinet is an equal opportunity employer. We value diversity in our company, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, age, military/veteran status or any other applicable legally protected characteristics in the location in which the candidate is applying.

Job Tags

Similar Jobs