About the Role
CrowdStrike seeks experienced educators and consultants who want to help our clients learn how to protect their organizations against the most advanced attackers in the world. Our CrowdStrike Services training and education team lets you use your experience in security to help students up their game. You’ll work with one of the premier incident response teams in the world, carrying the lessons of the field to a classroom environment.
If your skillset includes incident response and preparation, this position can also cross over into occasional service delivery of the types shown in our Senior Consultant careers. You should look at those postings – as well as the nightly news – to get an idea of the excitement that we call “just another Friday afternoon.”
Remote U.S. role within a reasonable commuting distance to one of the following offices: Sunnyvale, CA; Irvine, CA; El Segundo, CA; Austin, TX; Seattle, WA; Kirkland, WA; Columbia, MD; Boston, MA; Arlington, VA; St. Louis, MO; Minneapolis, MN.
Am I an Instructor/Curriculum Development Candidate?
Can you effectively communicate complicated topics to an audience with a wide variety of skills? Can you explain the importance of regular patching to your grandma and at least keep up when your niece explains the x86 binary she reversed before Thanksgiving dinner?
Do you have an Incident Response or Information Security background, and did you enjoy explaining the “why” and the “how” to your clients in the past?
Are you an IR consultant who enjoys the work but needs or wants to get out of the 3-4-5 travel every week?
Can you credibly represent the leading edge of information security? Could your past clients tell that you were walking the walk, not just talking the talk?
Can you interact effectively with customers who might need to be un-taught some old ways before they can learn some new tricks?
Do you love working with other smart people from whom you can learn as well as teach what you know?
Can you tell a story with a point, using the elements of the story to cement the knowledge?
Do you know stuff and want to help other people learn it so they can do it, too? Especially cool stuff?
Present and lead courses on incident response, forensic analysis, intelligence operations and other information security topics.
Work effectively at a distance: conduct web-meeting-based course delivery; interact and integrate with coworkers from Sydney to London (though most of us are in the U.S.); use distance learning technology effectively.
Conduct on-site courses for certain clients, usually two or three days at a time. For certain technical topics, manage course delivery by SMEs who aren’t professional trainers, ensuring the client gets the best value.
Create, extend, enhance or revise course material. When not teaching, create material for delivery via a learning management system (a computer-based training site).
Serve as a subject matter expert to field salespeople, promoting the education service line and its benefits to potential clients and internal employees.
Manage course metadata and material in the learning management system, helping the operations group deliver efficient service and good margins to the P&L.
Produce high-quality written and verbal reports, presentations, recommendations, and findings that need minimal editing before being shown to a client.
If you live near one of our professional services offices, spend a portion of your not-on-client-site time in those offices working with the rest of your team.
What You’ll Need
Education: experience teaching technical topics to a wide variety of audiences, from desktop support technicians to C-level executives.
Incident Response: experience conducting or managing incident response investigations for organizations, investigating targeted threats such as the Advanced Persistent Threat, Organized Crime, and Hacktivists.
Intelligence: experience conducting cyber threat analysis of targeted threat actors, using an established analytic model to produce FINTEL and/or technical output.
Computer Forensic Analysis: a background using a variety of forensic analysis tools in incident response investigations to determine the extent and scope of compromise.
Network Forensic Analysis: strong knowledge of network protocols, network analysis tools, and ability to perform analysis of associated network logs.
Incident Remediation: strong understanding of targeted attacks and able to create customized tactical and strategic remediation plans for compromised organizations.
Network Operations and Architecture/Engineering: strong understanding of secure network architecture and experience performing network operations.
Some programming/scripting: experience coding in C, C#, VB, Python, Perl, Ruby on Rails, and/or .NET would be a plus. Strong text editor preference a must.
Additionally, all candidates must possess the following qualifications:
Professional client-facing demeanor, comfortable in the machine room and the board room.
Strong, clear verbal and written communication skills.
Capable of completing tasks on time without supervision.
Desire to grow and expand both technical and soft skills.
Strong project management skills.
Ability to foster a positive work environment and attitude.
Ability to travel on short notice, up to 50% of the time.
Bachelor’s and/or Master’s degree in Computer Science, Computer Engineering, Math, Information Security, Information Assurance, Information Security Management, Intelligence Studies, Cybersecurity, Cybersecurity Policy