Penetration Test Engineer (Remote) at CrowdStrike

| Austin
Sorry, this job was removed at 5:22 a.m. (CST) on Saturday, February 6, 2021
Find out who's hiring in Austin.
See all Developer + Engineer jobs in Austin

About the Role:

Good at breaking things? Have a strong passion for security best practices? This job is for you! This position is responsible for developmental and operational penetration testing for CrowdStrike assets, infrastructure and online properties.

This position requires someone with expertise in manual and automated web application penetration testing with the knowledge needed to breach security defenses. The ideal candidate will have at least two years of experience performing penetration tests using a mix of commercially available, open source and personally built tools. A solid understanding of network protocols, server and web application weaknesses is also needed.

The successful candidate will have strong communication skills and poses the ability to speak to all levels while working in a complex distributed cloud-based environment.

Additional Responsibilities:

  • Perform comprehensive penetration testing assessments across the organization.

  • Manage the entire lifecycle of penetration testing findings from discovery, triage, advising, remediation, and validation.

  • Work with various different business units to perform penetration testing assessments on systems, infrastructure and applications before go live rollouts.

  • Work with third-party vendors to ensure they are meeting and adhering to the organization’s security requirements.

  • Examine public facing and internal web applications to discover security weaknesses which present undue security risk to the organization.

  • Examine systems and applications to assess the current security posture.

  • Manage penetration testing related tickets to drive remediation and ensure issues are on track to be completed within proper timelines.

  • Advocate for security best practices across the organization.

What You’ll Need:

  • Advanced knowledge of server and client operating systems.

  • Advanced knowledge of web application security issues and poses capabilities to assess common weaknesses including, but not limited to those within OWASP top 10.

  • Extensive computer skills and an understanding of networking, cryptography, web applications, databases, virtualization, containers, and wireless technologies.

  • Deep understanding of dynamic cloud environments and common security weaknesses related to the cloud.

  • Ability to prioritize impactful findings and drive items to remediation.

  • Experience working with Mac, Windows, Linux and/or other Unix-like variants.

  • Extensive understanding of TCP, UDP, HTTP, IP and other network protocols.

  • A detailed understanding of how to triage vulnerabilities using CVSS calculators and the ability to validate security related findings.

  • Possess the ability to work independently.

  • Proactive go getter attitude to solve challenging problems.

  • Stays up to date with current vulnerabilities and new attack techniques.

  • Ability to automate and script tasks using your preferred language (e.g. Golang, Python, Ruby, Rust, C, C++, BASH, etc.)

  • The ability to work with teammates across the organization in different time zones and maintain healthy working relationships.

  • Technical security certifications or academic background a plus.

  • CVEs or bug bounty rewards

  • Documented CTF writeups or victories

  • Professional group affiliations

  • Open Source project contributions

Bonus Points:

  • Experience conducting web application and web API penetration testing.

  • Experience working with bug bounty programs.

  • Experience executing effective email phishing campaigns with custom domains, website hosting, payload delivery, credential harvesting, antivirus bypass techniques, and additional components within this area.

  • Ability to utilize and write scripts against common web APIs (REST, SOAP).

  • Knowledge of cloud platforms and highly concurrent systems.

  • Knowledge of build pipelines and CI tools.

  • You’re a clear thinker and efficient communicator (i.e. written and verbal).

  • Ability to create elegant looking PowerPoints or Slide Decks.

#LI-LY1

#LI-LAC1

#LI-Remote

Read Full Job Description
Apply now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.

Technology we use

  • Sales & Marketing
    • SalesforceCRM

Location

Fantastic downtown location walking distance to awesome restaurants and happy hour spots.

An Insider's view of CrowdStrike

What's something quirky about your company?

Our mascot is a falcon so the SDR team puts falcon in front of activities - for example when we do team stretches when everyone needs to get up from their chair and take a break we call it Falcon Stretch

Jessica

SDR Manager

What does your typical day look like?

A corporate account executive is essentially a relationship manager between any organization that we're working with and CrowdStrike. We're strategic and we really dig into the current security environment of a company. Finding out what their pain points are, finding out what their goals are and then we consultatively position a solution for their

Theo

Corporate Account Executive

How does the company support your career growth?

I started off as an intern and then joined CrowdStrike as an SDR. I was quickly promoted to an SDR team lead and now I'm looking at my next possibilities. I have friends that work in other companies and their trajectory in their first entry level job can take 2-3 years. At CrowdStrike, if you prove yourself, you're fast tracked to the next role.

Marit

SDR Team Lead

How do you empower your team to be more creative?

My leadership style is to be supportive and a little bit experimental. We don't try to cookie cut our reps. We want everyone to find out what they are good at and then coach to those strengths, cover the weaknesses and help everyone find their own way to be successful.

Jack

Director Corporate Sales, East

How do you make yourself accessible to the rest of the team?

There is real cohesion and teamwork here. We're all in this open setting sharing what is working for us in real time. So I would say it's very much a team and we have a tribal knowledge atmosphere. We all help each other succeed.

Pasquale

Corporate Account Executive

What are CrowdStrike Perks + Benefits

CrowdStrike Benefits Overview

We offer flex schedules, a comprehensive benefits package, health and wellness programs, fully stocked company pantry, company and team events, and commuter benefits. We also offer our people the chance to work on passion projects and innovation during our annual “Think Week” as well as peer recognition and reward programs like Team Bravo award for cross-functional collaboration and Hero award for those who embody our core values and live our culture.

Culture
Volunteer in local community
CrowdStrike supports employees in charitable efforts and community service for charities and causes important to the local team.
Friends outside of work
Eat lunch together
Open door policy
Team owned deliverables
Team based strategic planning
Group brainstorming sessions
Open office floor plan
Diversity
Dedicated Diversity/Inclusion Staff
Unconscious bias training
Someone's primary function is managing the company’s diversity and inclusion initiatives
Diversity Employee Resource Groups
Health Insurance & Wellness Benefits
Flexible Spending Account (FSA)
Disability Insurance
Dental Benefits
Vision Benefits
Health Insurance Benefits
Life Insurance
Wellness Programs
Mental Health Benefits
Retirement & Stock Options Benefits
401(K)
Competitive 401(k) plan.
401(K) Matching
Company Equity
RSU's are available as part of employee compensation.
Employee Stock Purchase Plan
Performance Bonus
Match charitable contributions
Child Care & Parental Leave Benefits
Generous Parental Leave
CrowdStrike provides 12 weeks of parental leave for the primary caregiver and 8 weeks leave for the secondary care giver.
Flexible Work Schedule
Remote Work Program
Family Medical Leave
Adoption Assistance
Return-to-work program post parental leave
Company sponsored family events
We sponsor company-wide bring your child to work days as well as company events where family is encouraged to attend.
Vacation & Time Off Benefits
Unlimited Vacation Policy
Generous PTO
Paid Volunteer Time
Paid Holidays
Paid Sick Days
Perks & Discounts
Casual Dress
Commuter Benefits
We offer pre-tax commuter benefits.
Company Outings
Game Room
Stocked Kitchen
Some Meals Provided
Happy Hours
Parking
Relocation Assistance
Professional Development Benefits
Job Training & Conferences
Diversity Program
Lunch and learns
Cross functional training encouraged
Promote from within
Mentorship program
Time allotted for learning
Online course subscriptions available
More Jobs at CrowdStrike21 open jobs
All Jobs
Data + Analytics
HR + Recruiting
Operations
Sales