Sr. Red Team Consultant
About CrowdStrike
At CrowdStrike we’re on a mission - to stop breaches. Our groundbreaking technology, services delivery, and intelligence gathering together with our innovations in machine learning and behavioral-based detection, allow our customers to not only defend themselves, but do so in a future-proof manner. We’ve earned numerous honors and top rankings for our technology, organization and people – clearly confirming our industry leadership and our special culture driving it. We also offer flexible work arrangements to help our people manage their personal and professional lives in a way that works for them. So if you’re ready to work on unrivaled technology where your desire to be part of a collaborative team is met with a laser-focused mission to stop breaches and protect people globally, let’s talk.
The Red Team Consultant will join a team dedicated to performing Red Team activities that simulate known threat actor. We are a customer first driven team that helps CrowdStrike customer’s identify gaps in their ability to detect malicious activity at each phase of an attack.
About the Role
- Experience with using, administering, and troubleshooting at least two major flavors of Windows, Linux, including Ubuntu or RedHat.
- Experience with scripting and editing existing code and programming using one or more of the following: Perl, Python, Ruby, bash, C/C++, C#, or Java.
- Experience with security assessment tools, including Nessus, Metasploit, Burp Suite Pro, Cobalt Strike, or Empire.
- Experience with remote code execution activities including privilege escalation and lateral movement.
- Knowledge of application, database, or Web server design.
- Knowledge of internal network penetration, web application security testing, external network penetration testing, and red teaming.
- Knowledge of open security testing standards and projects, including OWASP, Cyber Kill Chain, or MITRE ATT&CK Framework.
- Ability to convey results clearly in formal technical reports.
- Experience with working in a commercial consulting or professional services environment.
- Experience with wireless LAN security, including 802.11 standards.
- Experience with phishing and other social engineering tactics.
Preferred Qualifications
- Minimum 3 years of experience in a Red Team/Penetration Testing activities is highly preferred
- Security community participation (conference speaker, tool development contributor, …) is highly preferred
- Advanced experience with Security Assessment Toolsets (Metasploit, Cobalt Strike, Nessus, Burp Suite, etc.)
- Comprehensive understanding of the security methodologies, technologies, and best practices
- Advanced experience with Networking components (routers, switches, load balancers, wireless access points, etc.)
- Comprehensive knowledge of firewalls, proxies, mail servers and web servers
- Advanced experience with operational support for operating systems, applications and networks
- Advanced experience with vulnerability/penetration testing/adversary emulation assessments
- Advanced experience in automation and scripting of applications and systems
- Desirable Certifications: OSCP, GPEN, OSCE, GCIH, GXPN
- Occasional travel may be required (<25%)
Benefits of Working at CrowdStrike:
- Market leader in compensation and equity awards
- Competitive vacation policy
- Comprehensive health benefits + 401k plan
- Paid paternity and maternity leave, including adoption
- Flexible work environment
- Wellness programs
- Stocked fridges, coffee, soda, and lots of treats
We are committed to building an inclusive culture of belonging that not only embraces the diversity of our people but also reflects the diversity of the communities in which we work and the customers we serve. We know that the happiest and highest performing teams include people with diverse perspectives and ways of solving problems so we strive to attract and retain talent from all backgrounds and create workplaces where everyone feels empowered to bring their full, authentic selves to work.
CrowdStrike is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex including sexual orientation and gender identity, national origin, disability, protected veteran status, or any other characteristic protected by applicable federal, state, or local law.