Red Team Technical Operations Engineer (Remote)

CrowdStrike

16h•Remote

About The Position

As a global leader in cybersecurity, CrowdStrike protects the people, processes and technologies that drive modern organizations. Since 2011, our mission hasn’t changed — we’re here to stop breaches, and we’ve redefined modern security with the world’s most advanced AI-native platform. Our customers span all industries, and they count on CrowdStrike to keep their businesses running, their communities safe and their lives moving forward. We’re also a mission-driven company. We cultivate a culture that gives every CrowdStriker both the flexibility and autonomy to own their careers. We’re always looking to add talented CrowdStrikers to the team who have limitless passion, a relentless focus on innovation and a fanatical commitment to our customers, our community and each other. Ready to join a mission that matters? The future of cybersecurity starts with you. About the Role: The Red Team TechOps Engineer will join a non-billable R&D team dedicated to supporting Professional Services Red Team activities in client networks that simulate known threat actors. This Red Team helps CrowdStrike customers identify and reduce gaps in their ability to deter malicious activity. We’re looking for an engineer that will support the team by reducing operational uncertainty against defensive products, among other tasks that improve the team’s strategic and tactical capabilities.

Requirements

Reverse engineering skills and mindset in both vulnerability research and malware analysis.
Forward engineering skills in languages such as C++, C#, and Python.
Systems programming background in at least Windows + aptitude to learn Linux and macOS.
Demonstrable understanding of EDR internals and other telemetry-based technologies.
Demonstrable familiarity with using the OODA loop concept to subvert complex systems.
Prior experience in goal-oriented red team operations and penetration testing phases.
Ability to recognize and demonstrate that stealth is relative.
Ability to factor human cognition when developing technical bypasses (e.g. reflexive control, IPb).
Ability to maintain discretion related to sensitive work (both internally and externally).
Ability to be receptive to peer review and conform to project-specific conventions.
Ability to explain topics you are familiar with at different abstraction levels.
Ability to manage development projects from conception to ongoing maintenance.
Ability to handle high pressure situations in a productive and professional manner.
Ability to simultaneously consider multiple (sometimes opposing) perspectives.
Ability to apply best practices (but flexible to bend conventions when appropriate).
Ability to form conclusions driven by data and evidence, in addition to intuition.
Interest in knowing something about everything, and everything about something.
3+ years of relevant engineering experience (some skills will be learned on the job).
Excellent oral and written communications skills in English.
Strong problem solving and critical thinking skills.
Ability to handle high pressure situations in a productive and professional manner.

Nice To Haves

Prior experience in UX/UI elements of projects to improve workflows and adoption.
Security community participation (conference speaker or tool contributor) is a plus.
Experience with developing custom C2 frameworks or offensive security tooling is a plus.
Prior experience with event streaming, web development, and data analysis is a plus.
Familiarity with the following is a plus: Kafka, FastAPI, Neo4j, LogScale, Docker, Jenkins.
Interest in modeling decision-making processes used for selecting TTPs is a plus.
Interest in understanding adversary emulation beyond the execution of cyber TTPs.
Interest in understanding the dual-use nature of arbitrary technologies.
Interest in developing solutions with a systems thinking approach.
Interest in integrating knowledge from various non-cybersecurity domains is a plus.
Interdisciplinary educational background (outside of cybersecurity) is a plus.
Passion to understand and develop solutions requiring skills (from ASM to ML).
You are not required to be an expert in every skill, but should maintain an interest in how they are connected.

Responsibilities

Build and maintain product testing systems that generate data for a decision support system.
Actively use systems to provide bespoke tactical intelligence to operators on engagements.
Respond to regular product updates to ensure capabilities are functional and resilient.
Development tasks that are both malware-oriented and platform-oriented.
Programming for Windows, Linux, and macOS platforms (user- and kernel-mode).
Programming related to event streaming, telemetry post-processing, and build engineering.
Provide development and infrastructure support to improve overall offensive capabilities.
Review analytics data from sensors to guide the development of offensive tradecraft.
Develop initial access and post-exploitation capabilities (some evasive, some noisy).
Contribute to capabilities to enhance operator decision making.
Proactively identify opportunities to improve workflows and processes.
Document completed development projects for operational use.
Share responsibilities on administration and infrastructure.

Benefits

Market leader in compensation and equity awards
Comprehensive physical and mental wellness programs
Competitive vacation and holidays for recharge
Paid parental and adoption leaves
Professional development opportunities for all employees regardless of level or role
Employee Networks, geographic neighborhood groups, and volunteer opportunities to build connections
Vibrant office culture with world class amenities
Great Place to Work Certified™ across the globe

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume