Fortinet

Compensation

Full Description

Fortinet is seeking a Consulting Data Security Architect within the Advanced Consulting Security Engineering (CSE) organization. This role serves as a senior technical authority supporting strategic data security initiatives across endpoint, user risk, and data protection domains. The position partners closely with Product Management, Field Sales, Professional Services, and customers to deliver high-impact proof-of-concept engagements, advanced architectural designs, and sales enablement. This is a hands-on engineering and architecture role requiring deep operating system knowledge, data security domain expertise, scripting and automation proficiency, and the ability to translate complex business requirements into secure, scalable technical designs. Responsibilities • Support high-profile proof-of-concept (POC) and proof-of-value (POV) engagements for strategic opportunities • Architect and design complex data security and endpoint protection environments • Provide deep technical guidance on endpoint data security, user risk management, classification frameworks, and metadata-driven controls • Develop and maintain automation scripts for endpoint and agent deployment • Translate regulatory and business requirements into enforceable technical policy frameworks • Develop reference architectures and best-practice deployment patterns • Lead technical sales engagements in collaboration with Field SEs and Account Teams • Develop and deliver technical enablement and training programs • Support Product Management with market-driven feature prioritization • Provide technical mentorship across the CSE organization Technical Protocol & Security Specificity Requirements • Transport Security: TLS 1.2/1.3, mTLS, HTTPS inspection, SSH, IPsec (IKEv2), QUIC/HTTP3, SMTPS/STARTTLS, LDAPS • Encryption at Rest: BitLocker, LUKS, FileVault, EFS, TPM integration, Secure Boot chains • Key Management: PKCS#11, KMIP, HSM integration, Cloud KMS (AWS KMS, Azure Key Vault, GCP KMS) • Data Classification & Metadata: Microsoft Information Protection (MIP), Sensitivity Labels, EDM, regex pattern matching, XMP, EXIF, Dublin Core • Data Formats: JSON, XML, YAML, CSV, Parquet, Office Open XML, PDF object structures, SQL/NoSQL schemas • Endpoint OS Internals (Windows): WFP, ETW, LSASS protections, Kernel/filter drivers, NTFS ADS, SMB, Group Policy • Endpoint OS Internals (Linux): SELinux, AppArmor, eBPF, inotify, PAM, Auditd, POSIX ACLs • macOS Security: Endpoint Security Framework, System Extensions, TCC • Identity Protocols: SAML 2.0, OAuth 2.0, OIDC, SCIM, LDAP, Kerberos, RADIUS, FIDO2/WebAuthn • DLP Enforcement Methods: Inline proxy DLP, Endpoint agent DLP, API-based SaaS DLP, CASB architectures, Clipboard/USB control, OCR detection • Cloud & Storage Protocols: S3 API, NFS, SMB 3.0, WebDAV, REST APIs, gRPC, object storage semantics, pre-signed URLs • Telemetry & Logging: Syslog, CEF, LEEF, Kafka pipelines, OpenTelemetry, Windows Event Logs • Regulatory Alignment: HIPAA technical safeguards, PCI DSS encryption controls, GDPR data handling, NIST 800-53, ISO 27001 Annex A Experience Requirements • 5–10 years of experience in data security, endpoint protection, or user risk solutions • Strong scripting and automation capabilities (Python, PowerShell, Bash) • Deep Windows and Linux operating system knowledge; macOS familiarity • Experience designing secure enterprise architectures across hybrid environments • Ability to communicate complex engineering decisions to executive and technical stakeholders Preferred Qualifications • Experience with Fortinet solutions including FortiDLP • Experience with competitive platforms (Cyberhaven, CrowdStrike, Symantec) • Public cloud architecture experience (AWS, Azure, GCP) • Technical sales leadership and engineering mentorship experience Education • Bachelor’s degree in Computer Science, Engineering, Cybersecurity, or related field and/or equivalent experience required • Advanced degree preferred   Fortinet offers employees a variety of benefits, including medical, dental, vision, life and disability insurance, 401(k), 11 paid holidays, vacation time, and sick time as well as a comprehensive leave program.  Wage ranges are based on various factors including the labor market, job type, and job level. On target earnings for this position is expected to be $185,000 - $315,000 per year. Exact salary offers will be determined by factors such as the candidate's subject knowledge, skill level, qualifications, experience, and geographic location. All roles are eligible to participate in the Fortinet equity program, and this position is also eligible for commissions based on the terms of the Sales Compensation Plan Fortinet (NASDAQ: FTNT) secures the largest enterprise, service provider, and government organizations around the world. Fortinet empowers its customers with intelligent, seamless protection across the expanding attack surface and the power to take on ever-increasing performance requirements of the borderless network - today and into the future. Only the Fortinet Security Fabric architecture can deliver security without compromise to address the most critical security challenges, whether in networked, application, cloud or mobile environments. Fortinet ranks number one in the most security appliances shipped worldwide and more than 500,000 customers trust Fortinet to protect their businesses. We are committed to providing reasonable accommodations for all qualified individuals with disabilities. If you require assistance or accommodation due to a disability, please contact us at accommodations@fortinet.com.   Fortinet is an equal opportunity employer. We value diversity in our company, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, age, military/veteran status or any other applicable legally protected characteristics in the location in which the candidate is applying.