Sr. Threat Hunter (Remote)
About The Position
We are looking for a passionate cyber professional to join our rapidly growing team of intrusion analysts tasked with defending CrowdStrike customers and understanding their adversaries. As part of our remote close-knit team, you will bring with you your experience in cybersecurity to help evolve how we do threat hunting at CrowdStrike. After a period of learning our custom-built tool suite, workflows, and methodologies you will join other OverWatch analysts protecting our customer's networks by identifying and understanding intrusions using Falcon Endpoint data and the broader CrowdStrike product suite. You will be analyzing adversary activity and communicating those findings to customers as part of our fast-paced time sensitive mission to help stop breaches. When the pressure is off you will have time to undertake research to improve our detection capabilities, understand our adversaries, build tools, or work with other CrowdStrike teams across a broad range of topics and projects. If you are proficient in either network/host-based intrusion analysis, cloud/identity, digital forensics or cyber threat intelligence, and you want to gain fast-paced experience in dealing with eCrime threat actors, we may have a role for you!
Requirements
- Ability to convey complex or technical concepts to various stakeholders.
- Demonstrated experience in endpoint security, cybersecurity, threat intelligence, or cloud security principles.
- An excellent understanding of operating systems
- Experience with logging platforms such as LogScale, Splunk, or Kibana and creating queries to identify suspicious activity
- Having a good understanding of current and emerging threats and ability to demonstrate practical knowledge of security research
- Bachelor's degree in a relevant field or comparable work experience.
Nice To Haves
- Experience correlating investigations across third party data sources (e.g.: leveraging IAM data while analyzing an EDR alert)
- Experience investigating commonly leveraged TTPs observed across Azure, and or AWS Cloud Computing Providers
- Experience in a security operations center or similar environment tracking threat actors or responding to incidents
- Being able to demonstrate experience in conventional network or host-based intrusion analysis, and identity or cloud security fundamentals.
- Published research or findings at conferences or through other non-academic channels (blogs, articles, etc.)
Responsibilities
- Protect our customer's networks by identifying and understanding intrusions using Falcon Endpoint data and the broader CrowdStrike product suite.
- Analyze adversary activity and communicate those findings to customers as part of our fast-paced time sensitive mission to help stop breaches.
- Undertake research to improve our detection capabilities, understand our adversaries, build tools, or work with other CrowdStrike teams across a broad range of topics and projects
- Participate in active and passive threat hunting and gain fast-paced experience in dealing with threat actors
Benefits
- Market leader in compensation and equity awards
- Comprehensive physical and mental wellness programs
- Competitive vacation and holidays for recharge
- Paid parental and adoption leaves
- Professional development opportunities for all employees regardless of level or role
- Employee Networks, geographic neighborhood groups, and volunteer opportunities to build connections
- Vibrant office culture with world class amenities
- Great Place to Work Certified™ across the globe
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
