Security Researcher
About CrowdStrike
CrowdStrike is the leader in cloud-delivered next-generation endpoint protection, threat intelligence, and pre- and post-incident response services. With the ability to collect and process over 100 billion events a day, CrowdStrike has revolutionized endpoint protection by being the first and only company to unify next-generation antivirus (AV), endpoint detection and response (EDR), and a 24/7 managed hunting service — all delivered via a single lightweight agent. We are one of the World's Most 50 Innovative Companies according to MIT, and one of Forbes Most Promising Companies. Our growth and innovation are driven by incredible employees who deliver unmatched customer success.
We have received a number of exciting awards including:
- October 2018: 100 Best Medium Workplaces Second Year in a Row by Fortune magazine.
- June 2018: Closed over $200 million, led by General Atlantic, Accel and IVP, with participation from March Capital and CapitalG (Google), achieving a valuation of more than $3 billion.
- April 2018: CrowdStrike Wins SC Award for Best Security Company Second Year in a Row.
About the Role
The CrowdStrike Intelligence Team is seeking a motivated and capable technical analyst to support the team with swift malware triage analysis capabilities.
The global CrowdStrike Falcon Intelligence™ team is at the forefront of CrowdStrike’s battles with nation state adversaries and criminal actors. We gather, analyze and report on over 110 threat actors that operate around the world. You will be part of the Intelligence Team’s Technical Analysis Cell (TAC) that provides the technical analysis backbone for all Intelligence related products that CrowdStrike offers.
As a distributed international team, we are looking for an energetic self-starter with the ability to take ownership and be accountable for deliverables while at the same time supporting and helping to improve upon our analysis workflow. If you would like to work with passionate people in a fast-paced, team-oriented environment, we have a role for you!
Your primary task will be to handle incoming technical analysis requests from customers and other teams within CrowdStrike. This involves analyzing and identifying malware, researching indicators, and correlating findings with existing intelligence. This role requires a broad knowledge of attacker techniques and a variety of technical analysis skills with a focus on malware reverse engineering and deobfuscation of malicious code. You are often CrowdStrike’s first technical analyst to triage critical nation-state and criminal cyber-attacks. As a result, timely and accurate analysis is crucial.
Responsibilities
- Extract configuration data from malware using in-house tools and manual analysis.
- Track relations between new threats and existing actors using in-house tools.
- Contribute to active mitigation efforts and support incident response engagements with back-end analysis capabilities and technical expertise.
- Provide timely identification and summarization of threats to customers.
- Respond to technical questions by other teams within CrowdStrike.
- Document threat evolutions and intelligence gaps for the broader Intelligence Team.
Key Qualifications
Required:
- Ability to express complex technical and non-technical concepts.
- Excellent writing skills are mandatory.
- Knowledge of programming and scripting languages, specifically Python.
- Strong problem-solving skills are a must.
- Knowledge of malware analysis techniques combined with ongoing interest and ability to learn and self-teach new techniques.
- Team player.
Preferred:
- Solid understanding of Windows OS internals and the Windows API.
- Knowledge of reverse engineering techniques and tools.
- Familiarity with actor tools used in targeted intrusions.
- Intelligence background is a plus.
Education:
- BA/BS degree or equivalent experience in Computer Science, Information Security, or a related field.
Benefits of Working at CrowdStrike:
- Market leader in compensation + stock options
- Competitive vacation policy
- Comprehensive health benefits + 401k plan (US only)
- Paid paternity and maternity leave, including adoption
- Flexible work hours and remote friendly environment
- Wellness programs
- Stocked fridges, coffee, soda, and lots of treats
- Peer recognition
- Inclusive culture focused on people, customers and innovation
- Regular team activities, including happy hours, community service events
CrowdStrike believes that diversity and inclusion among our organization is essential to our success as a global company, and we seek to attract, retain and empower the industry’s best and brightest from a diverse talent pool.
CrowdStrike is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex including sexual orientation and gender identity, national origin, disability, protected veteran status, or any other characteristic protected by applicable federal, state, or local law.