As a global leader in cybersecurity, CrowdStrike protects the people, processes and technologies that drive modern organizations. Since 2011, our mission hasn’t changed — we’re here to stop breaches, and we’ve redefined modern security with the world’s most advanced AI-native platform. We work on large scale distributed systems, processing almost 3 trillion events per day and this traffic is growing daily. Our customers span all industries, and they count on CrowdStrike to keep their businesses running, their communities safe and their lives moving forward. We’re also a mission-driven company. We cultivate a culture that gives every CrowdStriker both the flexibility and autonomy to own their careers. We’re always looking to add talented CrowdStrikers to the team who have limitless passion, a relentless focus on innovation and a fanatical commitment to our customers, our community and each other. Ready to join a mission that matters? The future of cybersecurity starts with you.
About the Role:
The CrowdStrike EndPoint Protection (EPP) Content product group is seeking a highly motivated individual with strong technical acumen to join our Threat Efficacy team. In this role, you will be responsible for monitoring and analyzing the extensive array of detections and preventions deployed by various internal teams within CrowdStrike. The primary objectives of this team include responding to customer inquiries regarding threat detections and capabilities, proactively managing false positives, and enhancing the overall efficacy of our content.
This position will involve close collaboration with internal teams such as Technical Account Managers, Support engineers, Falcon Complete, Data Science, and content engineering teams within the organization.
Security Response is committed to addressing our customers' security needs as threats evolve and ensuring CrowdStrike maintains coverage of all relevant threats, regardless of the source of attack. Falcon Sensor is a unique endpoint detection and response solution, and Security Analysts on the Security Response Team will have the opportunity to translate their analysis findings into impactful detection capabilities.
What You'll Do:
Provide assistance to various internal teams in the creation of new detections, improvements to existing models, and assessment of detection gaps related to various CrowdStrike products.
Document and offer expert-level information to diverse stakeholders regarding content detections within CrowdStrike Falcon.
Support customers and teams in enhancing or suppressing detection alerts.
Develop new detection content based on adversarial or testing activity observed in logs.
What You'll Need:
Comprehensive understanding of common adversary tactics and techniques.
Demonstrated ability to analyze complex situations and articulate information clearly to diverse stakeholders.
Profound understanding of and ability to interpret logs generated by systems, networks, and applications.
Proven experience in identifying and isolating unique patterns within process behavior or logs (e.g., RegEx, correlation rules, YARA).
Prior experience with EDR products and endpoint security monitoring.
Expertise in and understanding of Windows, Linux, and MacOSX operating systems.
Capacity to contribute both independently and collaboratively within a team environment.
Possess an inquisitive nature and the ability to conduct thorough research using historical data.
Exhibit a keen eye for documenting pertinent details and facilitating focused discussions.
Eagerness to acquire new knowledge and skills.
Bonus Points:
Experience in a security operations center or similar environment responding to incidents.
Demonstrated ability to automate repetitive tasks to enhance overall work efficiency.
In-depth experience with and knowledge of penetration testing (red team) methodologies and tools.
Forensic experience is highly desirable.
Proficiency in utilizing Jira for the management and maintenance of development queues.
Working knowledge of various programming/scripting languages, dynamic malware analysis and sandboxing, and/or penetration testing tools and techniques.
Good understanding of the application development life cycle (SDLC).
Education:
BA/BS or MA/MS degree or equivalent experience in Computer Science, Information Security, or a related field
#LI-DM1
#LI-Remote
Benefits of Working at CrowdStrike:
Remote-friendly and flexible work culture
Market leader in compensation and equity awards
Comprehensive physical and mental wellness programs
Competitive vacation and holidays for recharge
Paid parental and adoption leaves
Professional development opportunities for all employees regardless of level or role
Employee Networks, geographic neighborhood groups, and volunteer opportunities to build connections
Vibrant office culture with world class amenities
Great Place to Work Certified™ across the globe
CrowdStrike is proud to be an equal opportunity employer. We are committed to fostering a culture of belonging where everyone is valued for who they are and empowered to succeed. We support veterans and individuals with disabilities through our affirmative action program.
CrowdStrike is committed to providing equal employment opportunity for all employees and applicants for employment. The Company does not discriminate in employment opportunities or practices on the basis of race, color, creed, ethnicity, religion, sex (including pregnancy or pregnancy-related medical conditions), sexual orientation, gender identity, marital or family status, veteran status, age, national origin, ancestry, physical disability (including HIV and AIDS), mental disability, medical condition, genetic information, membership or activity in a local human rights commission, status with regard to public assistance, or any other characteristic protected by law. We base all employment decisions--including recruitment, selection, training, compensation, benefits, discipline, promotions, transfers, lay-offs, return from lay-off, terminations and social/recreational programs--on valid job requirements.
If you need assistance accessing or reviewing the information on this website or need help submitting an application for employment or requesting an accommodation, please contact us at [email protected] for further assistance.
Top Skills
What the Team is Saying
What We Do
CrowdStrike has redefined security with the world’s most advanced cloud-native platform that protects and enables the people, processes and technologies that drive modern enterprise. Tested and proven, the world's largest organizations trust CrowdStrike to stop breaches with unparalleled protection against the most sophisticated cyberattacks.
The CrowdStrike culture has been built upon our Core Values since the day we began. We are Fanatical About the Customer, Relentlessly Focused on Innovation and believe that our Limitless Passion drives Unlimited Potential for every CrowdStriker. As a purpose-built remote-first company, we believe cultivating a connected culture for every employee, no matter where they are in the world, is a key ingredient in building a high-performing, diverse team.
We don’t have a mission statement. We’re on a mission—to stop breaches. Ready to join a mission that matters?
Why Work With Us
We have a culture that celebrates achievement, encourages flexibility and innovation and thrives on teamwork. We all work towards a single mission: to stop breaches. This common goal drives a sense of community and connection among our people across the globe.
Gallery
CrowdStrike Offices
Hybrid Workspace
Employees engage in a combination of remote and on-site work.
