Senior Security Researcher
About CrowdStrike
CrowdStrike is the leader in cloud-delivered next-generation endpoint protection, threat intelligence, and pre- and post-incident response services. With the ability to collect and process over 100 billion events a day, CrowdStrike has revolutionized endpoint protection by being the first and only company to unify next-generation antivirus (AV), endpoint detection and response (EDR), and a 24/7 managed hunting service — all delivered via a single lightweight agent. We are one of the World's Most 50 Innovative Companies according to MIT, and one of Forbes Most Promising Companies. Our growth and innovation are driven by incredible employees who deliver unmatched customer success.
We have received a number of exciting awards including:
- October 2018: 100 Best Medium Workplaces Second Year in a Row by Fortune magazine.
- June 2018: Closed over $200 million, led by General Atlantic, Accel and IVP, with participation from March Capital and CapitalG (Google), achieving a valuation of more than $3 billion.
- April 2018: CrowdStrike Wins SC Award for Best Security Company Second Year in a Row.
Position Description
The CrowdStrike Intelligence Team is seeking a motivated malware reverse engineer with excellent technical skills to research advanced cybercriminal attacks. The Intelligence Team’s Technical Analysis Cell (TAC) is at the forefront of CrowdStrike’s battles with nation state adversaries and criminal actors. We combine world-class intelligence analysis with deep-dive reverse engineering and malicious code analysis, building and using cutting-edge automation systems to deliver actionable indicators and operational insights. This is a highly technical position on the eCrime TAC team that serves an important role in developing finished intelligence products, conducting analysis, increasing our coverage of the global threat landscape, and contributing to the continuous tracking of criminal adversary groups.
Responsibilities
- Discover, analyze and track advanced cyber-attack campaigns through malware reverse engineering and document findings.
- Produce high-quality threat intelligence reporting for all levels of readership, including actionable mitigation and detection guidance.
- Develop tools to assist with automation of malware analysis tasks and tracking of threat actors.
- Contribute to active mitigation efforts and support incident response engagements with technical expertise.
- Write blog articles on novel threats and research results.
Key Qualifications
Required:
- Profound knowledge of reverse engineering tools (disassemblers, decompilers, debuggers) and processes (unpacking malware, reconstructing code logic, etc).
- At least five years of experience in static and dynamic malicious code reverse engineering.
- Strong knowledge of the most prevalent E-Crime malware families and botnets.
- Knowledge of programming and scripting languages, in particular Python.
- Solid understanding of Windows OS internals and the Windows API.
- Ability to analyze raw network data and to develop custom protocol decoders and decryption tools.
- Ability to express complex technical and non-technical concepts in verbal and graphical products.
- Excellent writing skills are mandatory.
Preferred:
- A background in exploit and vulnerability analysis is a plus.
- At least five years of experience in static and dynamic malicious code reverse engineering.
- MA/MS degree, Ph.D. or equivalent experience in Computer Science, or a related field.
Education:
- BA/BS or equivalent experience in Computer Science, or a related field
Location:
- Remote, with occasional travel. Must be located in the U.S., U.K., Canada, Australia, Germany, Spain, France, Romania, Ireland, or the Netherlands.
Benefits of Working at CrowdStrike:
- Market leader in compensation and equity awards
- Competitive vacation policy
- Comprehensive health benefits + 401k plan (US only)
- Paid paternity and maternity leave, including adoption
- Flexible work hours and remote friendly environment
- Wellness programs
- Stocked fridges, coffee, soda, and lots of treats
- Peer recognition
- Inclusive culture focused on people, customers and innovation
- Regular team activities, including happy hours, community service events
CrowdStrike believes that diversity and inclusion among our organization is essential to our success as a global company, and we seek to attract, retain and empower the industry’s best and brightest from a diverse talent pool.
CrowdStrike is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex including sexual orientation and gender identity, national origin, disability, protected veteran status, or any other characteristic protected by applicable federal, state, or local law.