Incident Response Analyst at CrowdStrike
At CrowdStrike we’re on a mission - to stop breaches. Our groundbreaking technology, services delivery, and intelligence gathering together with our innovations in machine learning and behavioral-based detection, allow our customers to not only defend themselves, but do so in a future-proof manner. We’ve earned numerous honors and top rankings for our technology, organization and people – clearly confirming our industry leadership and our special culture driving it. We also offer flexible work arrangements to help our people manage their personal and professional lives in a way that works for them. So if you’re ready to work on unrivaled technology where your desire to be part of a collaborative team is met with a laser-focused mission to stop breaches and protect people globally, let’s talk.
Essential Duties and Responsibilities
- Develop detection patterns across a broad range of technologies and log sources.
- Triage detections and provide follow-up actions to mitigate risk (e.g. containment, incident.
- response, live response, etc).
- Identify coverage and efficiency gaps in security data and tooling.
- Provide information security reporting including security metrics as required.
- Participate in incident response and manage escalations as needed.
- Provide after-hours support on an on-demand basis.
- Drive efficient process development and documentation for all aspects of the detection and incident response lifecycle.
- Experience responding to security events, including front-line analysis and escalation, on hacktivist, cybercrime, and APT activity
- Extensive theoretical and practical knowledge with OSX, Linux, and Windows operating systems
- Extensive theoretical and practical knowledge with TCP/IP networking and application layers
- Experience with system/application log analysis, IDS/IPS alerting and data flow, and SIEM-based workflows
- Experience with security data collection, processing, and correlatio
- Scripting experience highly desirable (Python, Perl, Bash, Power Shell, etc.)
- Experienced user of Splunk
- Experience with host and network forensics
- Experience with malware analysis
- Undergraduate degree or direct experience in information security, information systems, or computer science
- Other technical security certifications or academic background a plus
- US Citizenship required due to direct work related to GovCloud
Benefits of Working at CrowdStrike:
- Market leader in compensation and equity awards
- Competitive vacation policy
- Comprehensive health benefits + 401k plan
- Paid paternity and maternity leave, including adoption
- Flexible work environment
- Wellness programs
- Stocked fridges, coffee, soda, and lots of treats
We are committed to building an inclusive culture of belonging that not only embraces the diversity of our people but also reflects the diversity of the communities in which we work and the customers we serve. We know that the happiest and highest performing teams include people with diverse perspectives and ways of solving problems so we strive to attract and retain talent from all backgrounds and create workplaces where everyone feels empowered to bring their full, authentic selves to work.
CrowdStrike is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex including sexual orientation and gender identity, national origin, disability, protected veteran status, or any other characteristic protected by applicable federal, state, or local law.