Security Researcher, eCrime
The CrowdStrike Intelligence Team is seeking a motivated malware reverse engineer with excellent technical skills to research advanced cybercriminal attacks. The Intelligence Team’s Technical Analysis Cell (TAC) is at the forefront of CrowdStrike’s battles with nation-state adversaries and criminal actors.
This is a highly technical position on the eCrime TAC team that serves an important role in developing finished intelligence products, conducting analysis, increasing our coverage of the global threat landscape, and contributing to the continuous tracking of criminal adversary groups.
As a distributed international team, we are looking for an energetic self-starter with the ability to take ownership and be accountable for deliverables while at the same time supporting and helping to improve upon our analysis workflow. If you'd like to work with passionate people in a fast-paced, team-oriented environment, you've come to the right place!
Responsibilities
- Discover, analyze and track advanced cyber attack campaigns and document findings.
- Produce high-quality threat intelligence reporting for all levels of readership, including actionable mitigation and detection guidance.
- Develop tools to assist with automation of analysis tasks and tracking of threat actors.
- Contribute to active mitigation efforts and support incident response engagement with technical expertise.
- Write blog articles on novel threats and research results.
Key Qualifications
Required:
- Profound knowledge of reverse engineering tools (disassemblers, decompilers, debuggers) and processes (unpacking malware, reconstructing code logic, etc.)
- At least two years of experience in static and dynamic malicious code reverse engineering
- Strong knowledge of the most prevalent eCrime malware families and botnets
- Knowledge of programming and scripting languages, in particular Python
- Solid understanding of Microsoft Windows internals and the Windows API
- Ability to analyze raw network data and to develop custom protocol decoders and decryption tools
- Ability to express complex technical and non-technical concepts in verbal and graphical products.
- Excellent writing skills are mandatory.
Preferred:
- A background in exploit and vulnerability analysis is a plus.
- Familiarity with UNIX-based platforms is a plus.
Education:
- BA/BS degree or equivalent experience in Computer Science, Information Security, or a related field.
Location:
Remote, with occasional travel. Must be located in the U.S., U.K., Canada, Australia, Germany, Romania, or the Netherlands.
CrowdStrike is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex including sexual orientation and gender identity, national origin, disability, protected veteran status, or any other characteristic protected by applicable federal, state, or local law.