Tactical Threat Analyst - Philippines
Manila, Metropolitan Manila, Philippines
Applications have closed
Fortinet
Fortinet delivers cybersecurity everywhere you need it. We secure the entire digital attack surface from devices, data, and apps and from data center to home office.Location: Philippines (Manila)
Join Fortinet, a cybersecurity pioneer with over two decades of excellence, as we continue to shape the future of cybersecurity and redefine the intersection of networking and security. At Fortinet, our mission is to safeguard people, devices, and data everywhere. We are currently seeking a dynamic Tactical Threat Analyst to contribute to the success of our rapidly growing business.
This role requires this individual to work permanent night shift (East Coast 9AM EST – 6PM EST), Tuesday to Saturday.
As a Tactical Threat Analyst, you will:
- Review incoming security events to perform initial triage of events primary from our FortiEDR technology.
- Identify and analyze events that appear highly suspicious and notify customers of malware infections.
- Conduct host-based analysis and forensic functions on Windows, Linux, and Mac OS X systems.
- Work on escalated events and help to assist other team members.
- Assist in enhancing and tuning Fortinet’s Cloud Services and Automated Incident Response (AIR) system.
- Review firewall, web, database, and other log sources to identify evidence and artifacts of malicious and compromised activity.
- Leverage on our FortiEDR platform to conduct investigations to rapidly detect, analyze and contain security threats.
- Perform memory forensics and file analysis as needed.
- Monitor FortiGuard Labs data and open-source intelligence outlets to maintain proficiency in latest threat actor tactics and techniques.
- Perform reverse engineering of threat actor’s malicious tools.
We Are Looking For:
An insightful and influential collaborator to join our team. We encourage you to apply for this position if you have the following qualities:
- 5 to 8+ years’ experience with incident response and or Forensics.
- Experience with of at least one scripting language: Shell, Ruby, Perl, Python, etc.
- Strong knowledge of operating system internals, endpoint security experience an active directory a must.
- Experienced with EnCase, FTK, X-Ways, SIFT, Splunk, Redline, Volatility, WireShark, TCPDump, and open-source forensic tools a plus.
- Demonstrate relevant experience as a contributing member of a security operations, threat intelligence or incident response team.
- Experience with malware analysis tools such as IDA Pro, OllyDbg, Immunity Debugger a plus.
- Hands-on experience dealing with APT campaigns, attack Tactics, Techniques and Procedures (TTPs), memory injection techniques, static and dynamic malware analysis and malware persistence mechanism.
- Hands-on experience with memory forensics.
- Excellent written and verbal communication skills a must.
- Analysis of Linux and MAC binary files and the understanding of MAC internals is a plus but not required.
- Highly motivated, self-driven and able to work both independently and within a team.
- Able to work under pressure in time critical situations and occasional nights and weekends.
- Bachelor’s Degree in Computer Engineering, Computer Science or related field.
- GCFA, GCIH, GCFE, GREM or any other related GIAC certification a plus.
Why Join Us:
At Fortinet, we embrace diversity and inclusivity. We encourage applications from diverse backgrounds and identities. Explore our welcoming work environment designed for a rewarding career journey with an attractive Total Rewards package to support you with your overall health and financial well-being. Join us in bringing solutions that make a meaningful and lasting impact to our 660,000+ customers around the globe.
We will only notify shortlisted candidates.
Fortinet will not entertain any unsolicited resumes, please refrain from sending them to any Fortinet employees or Fortinet email aliases. Should any Agency submit any resumes to Fortinet, these resumes if considered, will be assumed to have been given by the Agency free of any related fees/charges.
#LI-JT
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Active Directory APT Cloud Computer Science EnCase Endpoint security Firewalls Forensics GCFA GCFE GCIH GIAC GREM IDA Pro Incident response Linux Malware OllyDbg Perl Python Reverse engineering Ruby Scripting Splunk Threat intelligence TTPs Windows
Perks/benefits: Team events
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.