Threat Detection and Intelligence Team Lead

Join Fortinet a cybersecurity pioneer with over two decades of excellence as we continue to shape the future of cybersecurity and redefine the intersection of networking and security. At Fortinet our mission is to safeguard people devices and data everywhere.

We are currently seeking a dynamic Threat Detection and Intelligence Team Lead to guide a team of talented this pivotal role you will combine hands-on technical expertise with team leadership to drive the development of high-fidelity detection content and integrate threat intelligence into our rapidly growing business.

Key Responsibilities

As the Team Lead you will:

• Lead & Mentor: Provide day-to-day guidance technical mentorship and code/rule reviews to a team of Threat Detection Analysts.

• Drive Detection Strategy: Lead the end-to-end lifecycle of detection contentfrom initial threat identification to rule development optimization and validation.

• Threat Intelligence Integration: Spearhead the integration of threat intelligence into the product detection pipeline and telemetry strategy ensuring the team stays ahead of emerging threats.

• Coverage & Quality: Own detection coverage mapping and lead coverage gap assessments. Oversee quality assurance processes to validate detection logic and minimize false positives.

• Technical Execution: Actively participate in designing and implementing detection logic for threats across Windows Linux and macOS.

• Advanced Analysis: Guide the team in deep-dive malware analysis and behavioral profiling to support detection development.

• Landscape Awareness: Track high-priority threat actors and malware campaigns maintaining strategic awareness to guide the teams roadmap priorities.

We Are Looking For

• Experience: 6 years of experience in the Threat Detection or Threat Intelligence field with prior experience mentoring or leading a technical team.

• Detection Engineering: Hands-on expertise in developing and tuning high-fidelity detection content (such as YARA rules) and familiarity with frameworks like MITRE ATT&CK.

• OS Internals: Strong understanding of Windows internals (process trees memory artifacts system calls audit logs) and familiarity with Linux/macOS.

• Data Analysis: Experience analyzing large-scale telemetry log data and detection outputs to identify anomalies and validate coverage (Bigtable ELK Splunk expertise is an advantage).

• Malware Knowledge: Deep familiarity with the malware landscape (APT groups Ransomware families Crimeware) and the ability to reverse engineer or deconstruct malicious tools.

• Scripting: Proficiency in Python PowerShell or Bash for automation and tool development.

• Product Experience: Experience working on a product team (EDR XDR AV Endpoint Security)Advantage.

• Soft Skills: A collaborative team player with the ability to work independently and communicate complex technical details effectively in English.

Why Join Us

At Fortinet we embrace diversity and inclusivity. We encourage applications from diverse backgrounds and identities. Explore our welcoming work environment designed for a rewarding career journey with an attractive Total Rewards package to support you with your overall health and financial well-being. Join us in bringing solutions that make a meaningful and lasting impact to our 660000 customers around the globe.

We will only notify shortlisted candidates.

Fortinet will not entertain any unsolicited resumes please refrain from sending them to any Fortinet employees or Fortinet email aliases. Should any Agency submit any resumes to Fortinet these resumes if considered will be assumed to have been given by the Agency free of any related fees/charges.

#LI-Hybrid