Principal Consultant, Incident Response (Remote) at CrowdStrike
About the Role:
CrowdStrike is looking for highly motivated, self-driven, technical consultants dedicated to making a difference in global security by protecting organizations against the most advanced attackers in the world. Our CrowdStrike Services team offers opportunities to expand your skill set through a wide variety of engagements including front page incident response investigations, adversary-focused penetration testing (be the adversary, don’t just run scans), and proactive and strategic assessment services for organizations you’ll find on the annual Fortune 100 list.
This is a remote position open to candidates located on the West Coast/Pacitc Time Zone except for the state of Colorado.
Am I a Principal Consultant Candidate?
Do you find yourself interested in and keeping up with the latest vulnerabilities and breaches?
Are you self-motivated and looking for an opportunity to rapidly accelerate your skills?
Do you crave new and innovative work that actually matters to your customer?
Do you have an Incident Response or Information Security background that you’re not fully utilizing?
Are you capable of leading teams and interacting with customers?
Do you love working around like-minded, smart people who you can learn from and mentor on a daily basis?
Lead incident response engagements and serve as the primary point of contact for the customer throughout the investigation.
Perform host and/or network-based forensics across Windows, Mac, and Linux platforms.
Perform basic malware analysis.
Produce high-quality written and verbal reports, presentations, security-focused recommendations, and factual findings to customer management, regulators, and legal counsel.
Assess and develop actionable, and impactful mitigation and containment measures during active incident response investigations.
Demonstrate industry thought leadership through blog posts, CrowdCasts, and other public speaking events.
Successful candidates will have experience in one or more of the following areas:
Incident Response: experience performing or managing incident response investigations for organizations, investigating targeted threats such as the Advanced Persistent Threat, Organized Crime, and Hacktivists.
Threat Hunting: experience developing analytics and hunting through large datasets for adversary activity, experience with Splunk or other big data platforms is preferred.
Computer Forensic Analysis: a background using a variety of forensic analysis tools in incident response investigations to determine the extent and scope of compromise.
Network Forensic Analysis: knowledge of network protocols, network analysis tools, and ability to perform analysis of associated network logs.
Reverse Engineering: ability to perform basic static and dynamic malware analysis.
Incident Remediation: strong understanding of targeted attacks and able to create customized tactical and strategic remediation plans for compromised organizations.
Network Operations and Architecture/Engineering: strong understanding of secure network architecture and strong background in performing network operations.
Programming/Scripting: experience coding in Go, PowerShell, Python, or Perl.
Additionally, all candidates must possess the following qualifications:
Capable of completing technical tasks without supervision.
Desire to grow and expand both technical and soft skills.
Strong project management skills.
Contributing thought leader within the incident response industry.
Ability to foster a positive work environment and attitude.
Ability to travel on short notice, up to 20% of the time.
BA or BS / MA or MS degree in Computer Science, Computer Engineering, Math, Information Security, Information Assurance, Information Security Management, Intelligence Studies, Cybersecurity, Cybersecurity Policy, or a related field. Applicants without a degree but with relevant work experience and/or training will be considered.