Cloud Security Engineer - Content (Remote)Apply Job ID R5028 Date posted 09/28/2021
At CrowdStrike we’re on a mission - to stop breaches. Our groundbreaking technology, services delivery, and intelligence gathering together with our innovations in machine learning and behavioral-based detection, allow our customers to not only defend themselves, but do so in a future-proof manner. Because of that we’ve earned numerous honors and top rankings for our technology, organization and talent. Our culture was purpose-built to be remote first, and we offer flexible work arrangements to help our people manage their personal and professional lives in a way that works for them. If you’re ready to work on unrivaled technology with a team that makes a difference every day, let’s talk.
About the Role
As part of building a product to defend against a variety of threats, we need to build a system to test the product against those threats. There is a need to answer the question of “do we detect this?” and if so, under what circumstances or configuration. This may also include understanding how well we do given a body of samples under a variety of configuration settings.
This role will create the rules, content-packs and hunting triggers for the Falcon Cloud Security product. This involves tracking capabilities of new and existing public cloud services and understanding how adversaries may exploit these resources to advance their modes of interest. Further, the role involves mapping industry-standard compliance standards onto public cloud infrastructure, to provide customers insight into cloud hygiene and compliance. This person will be required to gather the data, analyze the data, identify its criticality, also automate simple tasks. They will also be responsible for troubleshooting issues with current data and making enhancements.
What You’ll Need
Experience level 2-5 years.
Hands-on professional experience with AWS, GCP or Azure in an Infosec/DevSecOps capacity.
Programming and scripting knowledge for automating day to day tasks – Splunk, Python,Powershell or API
Tracking and researching release of new cloud resource types and services, with a focus on security risk and attack surface expansion.
Research mindset, with a hold on where to look for relevant information pertaining to cloud threats, vulnerabilities and key adversary’s modes of interest.
Coordinating with Security SMEs to build hunting rules and triggers, which focus on adversary activity within the cloud control plane.
Handle Customer escalations, to identify False-Positive & False-Negative
Data discovery and validation (Data efficacy & Accuracy)
Knowledge of public cloud resource and control plane threats and vulnerabilities, specifically around AWS.
Familiarity with common compliance standards, such as CIS Benchmarks, PCI-DSS and HIPAA.
Platform knowledge around GCP and Azure, specifically around security configuration and monitoring.
Ability to communicate, collaborate, and work effectively in a globally distributed team.
Experience in SecOps domain is a plus.
Benefits of Working at CrowdStrike:
Market leader in compensation and equity awards
Competitive vacation and flexible working arrangements
Comprehensive health benefits + 401k plan
Paid Parental Leave, including adoption
A variety of professional development and mentorship opportunities
Open offices have stocked kitchens, coffee, soda and treats
We are committed to building an inclusive culture of belonging that not only embraces the diversity of our people but also reflects the diversity of the communities in which we work and the customers we serve. We know that the happiest and highest performing teams include people with diverse perspectives that encourage new ways of solving problems, so we strive to attract and develop talent from all backgrounds and create workplaces where everyone feels seen, heard and empowered to bring their full, authentic selves to work.
CrowdStrike is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex including sexual orientation and gender identity, national origin, disability, protected veteran status, or any other characteristic protected by applicable federal, state, or local law.
CrowdStrike participates in the E-Verify program.