Application Security Engineer I
About CrowdStrike
CrowdStrike is the leader in cloud-delivered next-generation endpoint protection, threat intelligence, and pre- and post-incident response services. With the ability to collect and process over 100 billion events a day, CrowdStrike has revolutionized endpoint protection by being the first and only company to unify next-generation antivirus (AV), endpoint detection and response (EDR), and a 24/7 managed hunting service — all delivered via a single lightweight agent. We are one of the World's Most 50 Innovative Companies according to MIT, and one of Forbes Most Promising Companies. Our growth and innovation are driven by incredible employees who deliver unmatched customer success.
Recent Accomplishments
- June 2018: Series E Funding of over $200Million and a valuation of +$3Billion
- April 2018: CrowdStrike Wins SC Award for Best Security Company Second Year in a Row.
- October 2017: 100 Best Medium Workplaces for 2017 by Fortune magazine.
About the Role
Help us protect CrowdStrike and its customers from the most advanced threats! CrowdStrike’s Product Security team breaks the mold of traditional internal security and focuses on active threats to CrowdStrike’s products. As an Application Security Engineer, you will perform technical security assessments, code reviews, and security testing to highlight risk and help engineering teams improve the overall security posture of our platform.
Responsibilities
- Help ensure software and systems are designed and implemented to the highest security standards
- Develop threat models and test plans for new and existing platform components
- Create tools to help test and monitor system security posture
- Test technical system components from module subsystems to entire frameworks
- Develop system design and coding best practices for engineering teams
Requirements
- Application security testing experience
- Programing knowledge in at least 2 languages (C/C++, Go, Python, Ruby, Java, PHP, Perl, others)
- Protocol knowledge of TCP/IP, HTTP, applied Cryptography, others
- Exposure to Windows, OSX, and Linux operating system
Bonus Points
- Familiarity with tools such as Wireshark, Kali, Postman, BurpSuite, Nmap, Metasploit, others
- Strong debugging skills. Ability to spot design flaws, race conditions, performance bottlenecks in complex architectures and simple misconfigurations.
- Experience testing Restful APIs
- Familiarity with secure coding concepts
- You’re a clear thinker and efficient communicator
- OSCP certified
- Other technical security certifications or academic background a plus
Benefits of Working at CrowdStrike
- Competitive compensation + Stock Options
- 401k
- Competitive Vacation Policy
- Competitive Health, dental, and vision benefits for you and your family
- We embrace distributed work and flexible work hours
- Wellness programs
- Stocked fridges, coffee, soda, and lots of treats
- Free lunches regularly catered
- Regular team activities, including happy hours, community service events
CrowdStrike believes that diversity and inclusion among our organization is essential to our success as a global company, and we seek to attract, retain and empower the industries best and brightest from a diverse talent pool.
CrowdStrike is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex including sexual orientation and gender identity, national origin, disability, protected veteran status, or any other characteristic protected by applicable federal, state, or local law.