Fortinet is seeking a Consulting Data Security Architect within the Advanced Consulting Security
Engineering (CSE) organization. This role serves as a senior technical authority supporting
strategic data security initiatives across endpoint, user risk, and data protection domains. The
position partners closely with Product Management, Field Sales, Professional Services, and
customers to deliver high-impact proof-of-concept engagements, advanced architectural designs,
and sales enablement. This is a hands-on engineering and architecture role requiring deep
operating system knowledge, data security domain expertise, scripting and automation proficiency,
and the ability to translate complex business requirements into secure, scalable technical designs.

Responsibilities

• Support high-profile proof-of-concept (POC) and proof-of-value (POV) engagements for
  strategic opportunities
• Architect and design complex data security and endpoint protection environments
• Provide deep technical guidance on endpoint data security, user risk management,
  classification frameworks, and metadata-driven controls
• Develop and maintain automation scripts for endpoint and agent deployment
• Translate regulatory and business requirements into enforceable technical policy frameworks
• Develop reference architectures and best-practice deployment patterns
• Lead technical sales engagements in collaboration with Field SEs and Account Teams
• Develop and deliver technical enablement and training programs
• Support Product Management with market-driven feature prioritization
• Provide technical mentorship across the CSE organization

Technical Protocol & Security Specificity Requirements

• Transport Security: TLS 1.2/1.3, mTLS, HTTPS inspection, SSH, IPsec (IKEv2), QUIC/HTTP3,
• SMTPS/STARTTLS, LDAPS
• Encryption at Rest: Bit Locker, LUKS, File Vault, EFS, TPM integration, Secure Boot chains
• Key Management: PKCS#11, KMIP, HSM integration, Cloud KMS (AWS KMS, Azure Key
• Vault, GCP KMS)
• Data Classification & Metadata: Microsoft Information Protection (MIP), Sensitivity Labels,
• EDM, regex pattern matching, XMP, EXIF, Dublin Core
• Data Formats: JSON, XML, YAML, CSV, Parquet, Office Open XML, PDF object structures,
• SQL/NoSQL schemas
• Endpoint OS Internals (Windows): WFP, ETW, LSASS protections, Kernel/filter drivers, NTFS
• ADS, SMB, Group Policy
• Endpoint OS Internals (Linux): SELinux, App Armor, eBPF, inotify, PAM, Auditd, POSIX ACLs
• macOS Security: Endpoint Security Framework, System Extensions, TCC
• Identity Protocols: SAML 2.0, OAuth 2.0, OIDC, SCIM, LDAP, Kerberos, RADIUS,
• FIDO2/Web Authn
• DLP Enforcement Methods: Inline proxy DLP, Endpoint agent DLP, API-based SaaS DLP,
• CASB architectures, Clipboard/USB control, OCR detection
• Cloud & Storage Protocols: S3 API, NFS, SMB 3.0, WebDAV, REST APIs, gRPC, object
  storage semantics, pre-signed URLs
• Telemetry & Logging: Syslog, CEF, LEEF, Kafka pipelines, Open Telemetry, Windows Event
• Logs
• Regulatory Alignment: HIPAA technical safeguards, PCI DSS encryption controls, GDPR data
  handling, NIST 800-53, ISO 27001 Annex A

Experience Requirements

• 5–10 years of experience in data security, endpoint protection, or user risk solutions
• Strong scripting and automation capabilities (Python, PowerShell, Bash)
• Deep Windows and Linux operating system knowledge; macOS familiarity
• Experience designing secure enterprise architectures across hybrid environments
• Ability to communicate complex engineering decisions to executive and technical stakeholders

Preferred Qualifications

• Experience with Fortinet solutions including FortiDLP
• Experience with competitive platforms (Cyberhaven, Crowd Strike, Symantec)
• Public cloud architecture experience (AWS, Azure, GCP)
• Technical sales leadership and engineering mentorship experience

Education

• Bachelor’s degree in Computer Science, Engineering, Cybersecurity, or related field and/or
  equivalent experience required
• Advanced degree preferred

Fortinet offers employees a variety of benefits, including medical, dental, vision, life and disability insurance, 401(k), 11 paid holidays, vacation time, and sick time as well as a comprehensive leave program.

Wage ranges are based on various factors including the labor market, job type, and job level. On target earnings for this position is expected to be $185,000 - $315,000 per year. Exact salary offers will be determined by factors such as the candidate's subject knowledge, skill level, qualifications, experience, and geographic location.

All roles are eligible to participate in the Fortinet equity program, and this position is also eligible for commissions based on the terms of the Sales Compensation Plan