Malware Research Center
The CrowdStrike Malware Research Center is the core of Falcon’s malware detection and response capabilities. The team has a focus on understanding the threat landscape and sets the target for what Falcon should be identifying and preventing. Additionally, the MRC is responsible for understanding our capabilities, and mapping how well our machine learning and behavioral protection capabilities are doing against those threats. Where there is a gap, the MRC takes action to improve our detection stance, and improve our overall protection story. There are many parts of CrowdStrike working towards protecting customer environments, and the MRC works across all of them to ensure we are on target and providing the best protection for our current threat landscape.
About The Role
The red team engineer will work on a team dedicated to simulating known threat actors, evaluating advanced techniques, researching new techniques, and evaluating and improving CrowdStrike’s Falcon products. The red team engineer is expected to be able to coordinate with leadership, plan, and oversee execution of assessments that help engineering teams measure and improve the product. This person should be capable of supporting, leading, and mentoring less experienced team members.
Detailed Description
Lead the design, implementation, and execution of adversarial simulations, technique research, product measurement, reporting, and metrics.
Develop reporting on the results of activities, including mitigation strategies, for both management and technical audiences.
Must be able to effectively communicate at all levels within CrowdStrike.
Organize resources to perform assessments of operating systems, applications, databases and network infrastructure components to detect and enumerate techniques, defenses, and mitigation strategies
Work with a diverse team and lead/assist in developing and improving product effectiveness
What You'll Need Or Desirable Things
Bachelor’s Degree in a technical field or related experience
Minimum 5 years of experience in a Red Team/Penetration Testing activity is highly preferred
Security community participation (conference speaker, tool development contributor) is preferred
Experience with Security Assessment Toolsets (Metasploit, NMAP, Cobalt Strike, Nessus, Burp Suite, etc.)
Comprehensive understanding of the security methodologies, technologies, and best practices
Windows / Linux / UNIX / Mac operating systems
Comprehensive knowledge of firewalls, proxies, mail servers and web servers
Experience with operational support for operating systems, applications and networks
Experience with Red Teaming (vulnerability/penetration testing/adversary emulation assessments)
Experience in automation and scripting of applications and systems
Experience in one or more high-level programming languages (C++, Rust, .NET, Go, Java, etc.) is preferred
Experience in software debugging, reverse engineering is preferred
Experience with MITRE ATT&CK Framework, techniques, and sub-techniques
Desirable Certifications: OSCP, GPEN, OSCE, GCIH, GXPN
Information Security, Information Assurance, Information Security Management, Intelligence Studies, Cybersecurity, Cybersecurity Policy, or a related field.
Benefits Of Working At CrowdStrike
Market leader in compensation and equity awards
Competitive vacation policy
Comprehensive health benefits
Paid parental leave, including adoption
Flexible work environment
Wellness programs
Stocked fridges, coffee, soda, and lots of treats
We are committed to building an inclusive culture of belonging that not only embraces the diversity of our people but also reflects the diversity of the communities in which we work and the customers we serve. We know that the happiest and highest performing teams include people with diverse perspectives and ways of solving problems so we strive to attract and retain talent from all backgrounds and create workplaces where everyone feels empowered to bring their full, authentic selves to work.
CrowdStrike is an Equal Opportunity employer.