Senior Security Researcher
Sunnyvale, CA, United States
Make pen-test plan for targets under security evaluation.
Test and analyze cloud and web-based environments to identify potential risks.
Write Proof of Concept exploits for vulnerabilities.
Collaborate with cross-functional teams to address the identified security risks and provide solutions.
Stay up to date with the latest security trends, tools and techniques.
Requirements:
At least 3 years of experience in Cyber Security or Vulnerability Research.
Experience in discovering and exploiting zero-day vulnerabilities.
Familiarity with common vulnerability types, like XSS, CSRF, SQL Injection, Buffer Overflow, etc.
Familiarity with popular Web Servers and application frameworks, like Apache, Angular, etc.
Familiarity with Top Web Application Security Risks/Vulnerabilities and attack techniques in MITRE ATT&CK matrix.
Familiarity with popular security tools, like Burp Suite, Nmap, Fiddler, Metasploit, etc.
Experience in developing Proof of Concept exploits for vulnerabilities.
Experience in using cloud platforms, like OpenStack, AWS, etc.
Good communication skills and a team player.
Self-directed, self-motivated with the ability to work with minimal supervision and be Productive.
CTF, Bug-Bounty or proven public records of Vulnerability Discovery (e.g. CVEs) is a strong plus.
Education
Bachelor or Master of Computer Science, Computer Engineering or Information Security.
#LI-BHAVYA
#GD
About Us Fortinet (NASDAQ: FTNT) secures the largest enterprise, service provider, and government organizations around the world. Fortinet empowers its customers with intelligent, seamless protection across the expanding attack surface and the power to take on ever-increasing performance requirements of the borderless network - today and into the future. Only the Fortinet Security Fabric architecture can deliver security without compromise to address the most critical security challenges, whether in networked, application, cloud or mobile environments. Fortinet ranks number one in the most security appliances shipped worldwide and more than 500,000 customers trust Fortinet to protect their businesses.
We are committed to providing reasonable accommodations for all qualified individuals with disabilities. If you require assistance or accommodation due to a disability, please contact us at [email protected].
Fortinet is an equal opportunity employer. We value diversity in our company, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, age, military/veteran status or any other applicable legally protected characteristics in the location in which the candidate is applying.
The Fortinet Team is looking for an Information SecurityPenetration Tester to join the Information SecurityPentestteam for the Burnaby site. It is a highly technical role assisting the Information Security leadership with daily information security test activities, both on an organizational and technical level.
The Product Security Incident Response Team is looking for a Product Security Engineer, to handle Product Security related incidents, and to perform vulnerability research on Fortinet products.
Join the Fortinet MIS Security team in an Information SecurityExpert role where you will be responsible for the secure operation and incident response!
We are seeking an InfoSec Certification and Compliance Analyst to join our InfoSec team. In this role, you will help on various certification projects. You will review certification requirements, map the requirements to security controls, perform gap analysis, and work with internal teams to remediate risks and close the security gaps. You will work with team members to ensure the Information Security Management System (ISMS) adherence to industry standards, laws, best practices, and various certification requirements. Additionally, you will help to support company-wide compliance and regularity requirements, maintain and improve the ISMS to uphold the confidentiality, integrity, and availability of sensitive information.
#J-18808-Ljbffr