Fortinet is looking for a Senior Security Researcher to join the team!
Responsibilities:
- Make pen-test plan for targets under security evaluation.
- Test and analyze cloud and web-based environments to identify potential risks.
- Write Proof of Concept exploits for vulnerabilities.
- Collaborate with cross-functional teams to address the identified security risks and provide solutions.
- Stay up to date with the latest security trends, tools and techniques.
Requirements:
- At least 3 years of experience in Cyber Security or Vulnerability Research.
- Experience in discovering and exploiting zero-day vulnerabilities.
- Familiarity with common vulnerability types, like XSS, CSRF, SQL Injection, Buffer Overflow, etc.
- Familiarity with popular Web Servers and application frameworks, like Apache, Angular, etc.
- Familiarity with Top Web Application Security Risks/Vulnerabilities and attack techniques in MITRE ATT&CK matrix.
- Familiarity with popular security tools, like Burp Suite, Nmap, Fiddler, Metasploit, etc.
- Experience in developing Proof of Concept exploits for vulnerabilities.
- Experience in writing scripting code, like Python, JavaScript, Go, etc.
- Experience in using cloud platforms, like OpenStack, AWS, etc.
- Good communication skills and a team player.
- Self-directed, self-motivated with the ability to work with minimal supervision and be Productive.
- CTF, Bug-Bounty or proven public records of Vulnerability Discovery (e.g. CVEs) is a strong plus.
Education
- Bachelor or Master of Computer Science, Computer Engineering or Information Security.
The US base salary range for this full-time position is $150,000-$200,000. Fortinet offers employees a variety of benefits, including medical, dental, vision, life and disability insurance, 401(k), 11 paid holidays, vacation time, and sick time as well as a comprehensive leave program.
Wage ranges are based on various factors including the labor market, job type, and job level. Exact salary offers will be determined by factors such as the candidate's subject knowledge, skill level, qualifications, experience, and geographic location.
All roles are eligible to participate in the Fortinet equity program, Bonus eligibility is reviewed at time of hire and annually at the Company’s discretion.