Red Team Technical Operations Engineer (Remote)

As a global leader in cybersecurity, CrowdStrike protects the people, processes and technologies that drive modern organizations. Since 2011, our mission hasn’t changed — we’re here to stop breaches, and we’ve redefined modern security with the world’s most advanced AI-native platform. Our customers span all industries, and they count on CrowdStrike to keep their businesses running, their communities safe and their lives moving forward. We’re also a mission-driven company. We cultivate a culture that gives every CrowdStriker both the flexibility and autonomy to own their careers. We’re always looking to add talented CrowdStrikers to the team who have limitless passion, a relentless focus on innovation and a fanatical commitment to our customers, our community and each other. Ready to join a mission that matters? The future of cybersecurity starts with you.

About the Role:

The Red Team TechOps Engineer will join a non-billable R&D team dedicated to supporting Professional Services Red Team activities in client networks that simulate known threat actors. This Red Team helps CrowdStrike customers identify and reduce gaps in their ability to deter malicious activity. We’re looking for an engineer that will support the team by reducing operational uncertainty against defensive products, among other tasks that improve the team’s strategic and tactical capabilities.

What You’ll Do:

• Build and maintain product testing systems that generate data for a decision support system.

• Actively use systems to provide bespoke tactical intelligence to operators on engagements.

• Respond to regular product updates to ensure capabilities are functional and resilient.

• Development tasks that are both malware-oriented and platform-oriented.

• Programming for Windows, Linux, and macOS platforms (user- and kernel-mode).

• Programming related to event streaming, telemetry post-processing, and build engineering.

• Provide development and infrastructure support to improve overall offensive capabilities.

• Review analytics data from sensors to guide the development of offensive tradecraft.

• Develop initial access and post-exploitation capabilities (some evasive, some noisy).

• Contribute to capabilities to enhance operator decision making.

• Proactively identify opportunities to improve workflows and processes.

• Document completed development projects for operational use.

• Share responsibilities on administration and infrastructure.

What You’ll Need:

• Reverse engineering skills and mindset in both vulnerability research and malware analysis.

• Forward engineering skills in languages such as C++, C#, and Python.

• Systems programming background in at least Windows + aptitude to learn Linux and macOS.

• Demonstrable understanding of EDR internals and other telemetry-based technologies.

• Demonstrable familiarity with using the OODA loop concept to subvert complex systems.

• Prior experience in goal-oriented red team operations and penetration testing phases.

• Prior experience in UX/UI elements of projects to improve workflows and adoption.

• Security community participation (conference speaker or tool contributor) is a plus.

• Experience with developing custom C2 frameworks or offensive security tooling is a plus.

• Prior experience with event streaming, web development, and data analysis is a plus.

• Familiarity with the following is a plus: Kafka, FastAPI, Neo4j, LogScale, Docker, Jenkins.

All candidates must possess the following qualifications:

• Strong problem solving and critical thinking skills.

• Excellent oral and written communications skills in English.

• 3+ years of relevant engineering experience (some skills will be learned on the job).

• Ability to recognize and demonstrate that stealth is relative.

• Ability to factor human cognition when developing technical bypasses (e.g. reflexive control, IPb).

• Ability to maintain discretion related to sensitive work (both internally and externally).

• Ability to be receptive to peer review and conform to project-specific conventions.

• Ability to explain topics you are familiar with at different abstraction levels.

• Ability to manage development projects from conception to ongoing maintenance.

• Ability to handle high pressure situations in a productive and professional manner.

• Ability to simultaneously consider multiple (sometimes opposing) perspectives.

• Ability to apply best practices (but flexible to bend conventions when appropriate).

• Ability to form conclusions driven by data and evidence, in addition to intuition.

• Interest in knowing something about everything, and everything about something.

• Interest in modeling decision-making processes used for selecting TTPs is a plus.

• Interest in understanding adversary emulation beyond the execution of cyber TTPs.

• Interest in understanding the dual-use nature of arbitrary technologies.

• Interest in developing solutions with a systems thinking approach.

• Interest in integrating knowledge from various non-cybersecurity domains is a plus.

• Interdisciplinary educational background (outside of cybersecurity) is a plus.

• Passion to understand and develop solutions requiring skills (from ASM to ML). You are not required to be an expert in every skill, but should maintain an interest in how they are connected.

#LI-DL1

#LI-Remote

Benefits of Working at CrowdStrike:

• Market leader in compensation and equity awards

• Comprehensive physical and mental wellness programs 

• Competitive vacation and holidays for recharge  

• Paid parental and adoption leaves

• Professional development opportunities for all employees regardless of level or role

• Employee Networks, geographic neighborhood groups, and volunteer opportunities to build connections

• Vibrant office culture with world class amenities

• Great Place to Work Certified™ across the globe

CrowdStrike is proud to be an equal opportunity employer. We are committed to fostering a culture of belonging where everyone is valued for who they are and empowered to succeed. We support veterans and individuals with disabilities through our affirmative action program.

CrowdStrike is committed to providing equal employment opportunity for all employees and applicants for employment. The Company does not discriminate in employment opportunities or practices on the basis of race, color, creed, ethnicity, religion, sex (including pregnancy or pregnancy-related medical conditions), sexual orientation, gender identity, marital or family status, veteran status, age, national origin, ancestry, physical disability (including HIV and AIDS), mental disability, medical condition, genetic information, membership or activity in a local human rights commission, status with regard to public assistance, or any other characteristic protected by law. We base all employment decisions--including recruitment, selection, training, compensation, benefits, discipline, promotions, transfers, lay-offs, return from lay-off, terminations and social/recreational programs--on valid job requirements.

If you need assistance accessing or reviewing the information on this website or need help submitting an application for employment or requesting an accommodation, please contact us at [email protected] for further assistance.

Find out more about your rights as an applicant.

CrowdStrike participates in the E-Verify program.

Notice of E-Verify Participation

Right to Work

For detailed information about the U.S. benefits package, please click here.