Fortinet’s Code Security team is responsible for shipping a suite of products that can be used to help secure customer codebases. The technology involves static and dynamic program analysis and their combination, used to find, as well as prevent, threats and to understand risk, and serves personnel ranging from developers to security engineers to VP+C-suite. The Code Security offering which was recently announced integrates with the Fortinet CNAPP platform providing end-to-end security from code to cloud in a way where insights from different points in the software lifecycle work together to provide a holistic view of security.
We are looking for candidates to work on both the underlying analyses and on the platform for deploying them. The Analysis roles involve Programming Language technologies, such as build systems, compilers, formal methods, or static or dynamic program analysis. The Platform roles involve a mixture of DevOps and SRE (e.g. kubernetes) style work, as well as working with source code management systems (e.g., GitHub, GitLab, Bitbucket). The Platform work is absolutely central to success, as it provides the foundation for meeting developers and security engineers where they work.
To apply you don’t need prior industry experience with these technologies: the main requirements are ability to program, as well as a desire to learn and contribute to a fast-paced engineering team making products used by thousands of programmers. This is a unique and rare opportunity to get in on the ground floor of an effort to secure customers’ code in the cloud(s).
Responsibilities
● Integrate analysis tools with engineering workflows, to enable code reasoning to meet engineers where they are.
● Evaluate and improve the efficacy and efficiency of open source and in-house analysis tools.
● Work cross-functionally with other Engineering, Product Management, Support, Sales teams as well as Customers
● Develop functional specifications and design documents by collaborating with stakeholders
● Write high quality, well documented, and well-tested code
● Participate in code and design reviews
Minimum Qualification
● BSc in Computer Science or related academic or industrial experience
● Computer Science Fundamentals: Practical algorithms and data structures; Big-O complexity analysis; OS/Unix concepts, tools, and techniques; parallel and concurrent programming.
Preferred Qualifications
● Experience in Programming Language technologies, such as build systems, compilers, formal methods, or static or dynamic program analysis
● Knowledge of security attacks and defenses
● Experience of clouds (AWS, GCP, AZURE), Kubernetes, Infrastructure as Code
● Devops experience, CICD, source code management systems (e.g., GitHub, GitLab, Bitbucket)