Add office photos

Fortinet Technologies

Compare

based on 22 Reviews

42 Fortinet Technologies Jobs

Tactical Threat Analyst

Fortinet

based on 22 Reviews

5-8 years

Bangalore / Bengaluru

1 vacancy

Tactical Threat Analyst

Fortinet Technologies

posted 16hr ago

Flexible timing

Key skills for the job

+ 3 more

We are looking for a Tactical Threat Analyst to work in a dynamic and exciting new position reporting to the Security Operations Center Manager
The analyst will work directly with members of a world class incident response and forensics team
Our team is comprised of individuals with strong knowledge in malware hunting and analysis, reverse engineering, multiple scripting languages, forensics and Threat Actors TTPs
In this customer facing role the analyst s main objective is to find evil, stop the bad guys and provide superior customer service to our customers globally
In your daily tasks you will review and investigate security events from our Fortinet s XDR platform as well as analysis of forensic data and end-point events, perform malware analysis, reverse engineering, and respond to multiple security incidents
In addition, from time to time the analysis will help to create threat research work products such as blogs and presentations

Responsibilities:

Review incoming security events to perform initial triage of events primary from our FortiEDR technology
Identify and analyze events that appear highly suspicious and notifying customs of malware infections
As needed conduct host-based analysis and forensic functions on Windows, Linux, and Mac OS X systems
Work on escalated events and help to assist other team members
Assist in enhancing and tuning Fortinet s Cloud Services and Automated Incident Response (AIR) system
Review firewall, web, database, and other log sources to identify evidence and artifacts of malicious and compromised
activity
Leverage our FortiEDR platform to conduct investigations to rapidly detect, analyze and contain security threats
Perform memory forensics and file analysis as needed
Monitor FortiGuard Labs data and open-source intelligence outlets to maintain proficiency in latest threat actor tactics
and techniques
Preform reverse engineering of threat actor s malicious tools

Required Skills:

Experience with of at least one scripting language: Shell, Ruby, Perl, Python, etc
Strong knowledge of operating system internals, endpoint security experience an active directory a must
Experienced with EnCase, FTK, X-Ways, SIFT, Splunk, Redline, Volatility, WireShark, TCPDump, and open-source forensic
tools a plus
Demonstrate relevant experience as a contributing member of a security operations, threat intelligence or incident
response team
Experience with malware analysis tools such as IDA Pro, OllyDbg, Immunity Debugger a plus
Hands-on experience dealing with APT campaigns, attack Tactics, Techniques and Procedures (TTPs), memory injection
techniques, static and dynamic malware analysis and malware persistence mechanism
Hands-on experience with memory forensics
Excellent written and verbal communication skills a must
Reading and writing skills of non-English languages such as Chinese and Russian a plus
Analysis of Linux and MAC binary files and the understanding of MAC internals is a plus but not required.
Highly motivated, self-driven and able to work both independently and within a team.
Able to work under pressure in time critical situations and occasional nights and weekends.
bachelors Degree in Computer Engineering, Computer Science or related field.
5 to 8+ years experience with incident response and or Forensics.
GCFA, GCIH, GCFE, GREM or any other related GIAC certification a plus.