Security Researcher
About CrowdStrike
CrowdStrike is the leader in cloud-delivered next-generation endpoint protection, threat intelligence, and pre- and post-incident response services. With the ability to collect and process over 100 billion events a day, CrowdStrike has revolutionized endpoint protection by being the first and only company to unify next-generation antivirus (AV), endpoint detection and response (EDR), and a 24/7 managed hunting service — all delivered via a single lightweight agent. We are one of the World's Most 50 Innovative Companies according to MIT, and one of Forbes Most Promising Companies. Our growth and innovation are driven by incredible employees who deliver unmatched customer success.
We have received a number of exciting awards including:
- October 2018: 100 Best Medium Workplaces Second Year in a Row by Fortune magazine.
- June 2018: Closed over $200 million, led by General Atlantic, Accel and IVP, with participation from March Capital and CapitalG (Google), achieving a valuation of more than $3 billion.
- April 2018: CrowdStrike Wins SC Award for Best Security Company Second Year in a Row.
About the Role
Can you run a system exposed to the Internet but secured from all the darkness out there? Can your knowledge of security break into the systems others on your team set up, and gain persistent access without them noticing? Then come join the Advanced Research Team in CrowdStrike Intelligence! You will use your extensive knowledge of Windows, Linux, UNIX and BSD server systems to setup and maintain secure systems. But it's never only about defense: challenge your peers and attack their systems and demonstrate persistent access and covert exfiltration bypassing their defenses (after coordinating a viable test window). You will use Python and Shell scripting to automate maintenance and other tasks around these systems. Documentation is key and you are able to write detailed documentation and threat analyses around these systems.
Essential Functions:
- INTEGRATE INTO THE EXISTING INTELLIGENCE TEAM AND TAKE REQUIREMENTS FROM TEAM MEMBERS AND OTHER TEAMS AS INTERNAL CUSTOMERS
- AUTONOMOUSLY DEVELOP REQUIREMENTS BASED ON ANYTHING FROM VAGUE MISSION STATEMENTS TO VERY DETAILED TECHNICAL SPECIFICATIONS
- IMPLEMENT SYSTEM MANAGEMENT AND SYSTEM HEALTH MONITORING COMPONENTS IN LANGUAGES SUCH AS PYTHON OR SHELL SCRIPTING, MAKING CHOICES ABOUT IMPLEMENTATION SPECIFICS YOURSELF
- DEPLOY AND SECURE WINDOWS, LINUX, UNIX AND BSD SERVER SYSTEMS
- CHANGE ROLES AND PERFORM PENETRATION TESTING AND SECURITY ASSESSMENT ON OTHERS' SYSTEMS
- DEVELOPMENT IN C/C++ AND ARCHITECTURE SPECIFIC ASSEMBLY AS REQUIRED
- INDEPENDENT ABILITY TO COMMUNICATE IN PROCESS SPECIFIC DOCUMENT FORMATS
Qualifications
- BACHELOR’S DEGREE IN COMPUTER SCIENCE, MANAGEMENT INFORMATION SYSTEMS, OR WORK-RELATED DISCIPLINE/FIELD FROM AN ACCREDITED COLLEGE OR UNIVERSITY. EQUIVALENT FIELD EXPERIENCE CONSIDERED.
- 4+ YEARS EXPERIENCE PREFERRED WITH DIRECT EXPERIENCE EITHER AS A SYSTEMS ADMINISTRATOR OR SECURITY RESEARCHER.
- VERY PROFICIENT IN THE PYTHON AND SHELL SCRIPTING PROGRAMMING LANGUAGES WITH AT LEAST 3+ YEARS EXPERIENCE DEVELOPING PRODUCTION CODE IN THESE LANGUAGES.
- VERY EXTENSIVE WINDOWS, LINUX, UNIX AND BSD SERVER EXPERIENCE INCLUDING EXPERIENCE SECURING INSTALLATIONS FROM A SYSTEM AND NETWORK PERSPECTIVE
- ABILITY TO COMMUNICATE TECHNICAL DETAIL INTO SUCCINCT AND FACT-BASED BUSINESS TERMINOLOGY, BOTH VERBALLY AND IN WRITING.
- CUSTOMER-FOCUSED MINDSET, WITH DEMONSTRATED SKILL IN MANAGING EXPECTATIONS, PROVIDING PROACTIVE STATUS UPDATES, AND PRODUCING HIGH-QUALITY WORK PRODUCT.
- ABILITY TO USE INDEPENDENT JUDGMENT TO MAKE SOUND, JUSTIFIABLE DECISIONS AND TAKE ACTION TO SOLVE PROBLEMS.
- STRONG LEADERSHIP SKILLS WITH DEMONSTRATED ABILITY TO PRIORITIZE AND EXECUTE IN A METHODICAL AND DISCIPLINED MANNER.
- ABILITY TO PLAN, ORGANIZE AND PRIORITIZE WORK INDEPENDENTLY AND MEET DEADLINES.
- ABILITY TO WORK IN A COLLABORATIVE, TEAM ENVIRONMENT.
Preferred Qualifications
- WORK EXPERIENCE IN SECURITY RELEVANT AND HOSTILE NETWORK ENVIRONMENTS.
- PROFICIENCY IN THE C AND C++ PROGRAMMING LANGUAGES.
- PROFICIENCY IN VARIOUS MACHINE LEVEL ASSEMBLY LANGUAGES, SUCH AS X86, ARM AND MIPS ASSEMBLY.
- EXPERIENCE FROM INFORMATION SECURITY CAPTURE-THE-FLAG COMPETITIONS OR COMPARABLE OFFENSIVE INFORMATION SECURITY EXPERIENCE.
Benefits of Working at CrowdStrike:
- Market leader in compensation
- Competitive vacation policy
- Comprehensive health benefits + 401k plan
- Paid paternity and maternity leave, including adoption
- Flexible work hours and remote friendly environment
- Wellness programs
- Stocked fridges, coffee, soda, and lots of treats
- Peer recognition
- Inclusive culture focused on people, customers and innovation
- Regular team activities, including happy hours, community service events
CrowdStrike believes that diversity and inclusion among our organization is essential to our success as a global company, and we seek to attract, retain and empower the industry’s best and brightest from a diverse talent pool.
CrowdStrike is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex including sexual orientation and gender identity, national origin, disability, protected veteran status, or any other characteristic protected by applicable federal, state, or local law.