About The Position

CrowdStrike is looking for a highly motivated, self-driven, service member dedicated to protecting organizations against the most advanced adversaries in the world. The candidate would be responsible for hunting for historical and active threats in enterprise environments and providing actionable recommendations to remediate findings.

Requirements

  • An understanding of Windows and Linux forensic artifacts and analysis methodologies, including program execution, persistence, file system, event logging, process analysis, and anomaly detection.
  • Strong threat analysis skills, including hypothesis-driven analysis, IOC searching, long-tail analysis, correlation, and pivoting on findings, and time-lining threat activity.
  • An understanding of targeted attacks, including tradecraft associated with eCrime and nation-state adversaries, and an ability to use intelligence for targeted IOC searching.
  • An ability to create search queries and write simple scripts in Python or another scripting language.
  • A practical understanding of Windows and Linux operating systems, including file systems, registry, memory management, kernel and user-mode functions, identity, and process handling.
  • A practical understanding of network protocols and how data is handled at the various layers of the OSI model.
  • A familiarity with fundamental identity concepts, including Active Directory and associated protocols like Kerberos.
  • strong ability to communicate analysis findings to clients, including technical and executive audiences, and legal counsel.

Nice To Haves

  • Incident response experience, especially with large-scale investigations involving e-Crime and nation-state actors.
  • familiarity with one or more of the following cloud platforms: AWS, Azure, and GCP.
  • strong understanding of targeted attacks and an ability to create customized tactical and strategic remediation plans for compromised organizations.
  • BA or BS / MA or MS degree in Computer Science, Computer Engineering, Math, Information Security, Information Assurance, Information Security Management, Intelligence Studies, Cybersecurity, Cybersecurity Policy, or a related field. Applicants without a degree but with relevant work experience and/or training will be considered.

Responsibilities

  • Analyze logs and system artifacts looking for evidence of adversary activity in enterprise environments.
  • Produce high-quality written and verbal reports, presentations, recommendations, and findings to key stakeholders, including technical audiences, management, and legal Counsel.
  • Contribute to developing and maturing threat hunting capabilities, including research, methodology, and scripting.
© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service