Sr. Security Researcher (Remote)

  • Engineering
  • IT Hardware
  • IT Software
  • Job type: full-time
  • Job level: 1 - 5 years of experience
  • Brasov
  • Cluj Napoca
  • Updated at: 28.11.2021

    At CrowdStrike we’re on a mission - to stop breaches. Our groundbreaking technology, services delivery, and intelligence gathering together with our innovations in machine learning and behavioral-based detection, allow our customers to not only defend themselves, but do so in a future-proof manner. We’ve earned numerous honors and top rankings for our technology, organization and people – clearly confirming our industry leadership and our special culture driving it. We also offer flexible work arrangements to help our people manage their personal and professional lives in a way that works for them. So if you’re ready to work on unrivaled technology where your desire to be part of a collaborative team is met with a laser-focused mission to stop breaches and protect people globally, let’s talk.

    About the Role:

    CrowdStrike Intelligence, a core component of CrowdStrike, is seeking a motivated researcher with experience in the information security domain and excellent software development skills. Our Technical Analysis Cell (TAC) is at the forefront of CrowdStrike’s battles with state-sponsored adversaries and criminal actors. We combine world-class intelligence analysis with deep-dive reverse engineering and malicious code analysis, supported by a pipeline of fully automated tools that allow us to deliver actionable indicators and cutting-edge operational insights at scale. Our systems process millions of malicious files every day to extract information that protects our customers and informs our analysts.

    This highly technical position is at the intersection of threat analysis and software development. It serves an important role in increasing our visibility into the global threat landscape and contributes to the continuous tracking of more than a hundred adversary groups. The role supports analysis workflows by finding creative and innovative solutions for both technical and non-technical problems and automating them. Systems built by our Security Automation Architects are used by our Intelligence Analysts, Incident Responders, and Threat Hunters. The ideal candidate for this interdisciplinary position has experience with large-scale malware analysis and the development of custom tools that aid these tasks. This role has a special focus on enhancing CrowdStrike’s internal tool chain for identifying related binary files based on custom similarity metrics.

    Essential Duties and Responsibilities

    • Design, develop and evaluate algorithms and create and maintain tooling to assist with threat hunting at scale through means of binary code similarity.

    • Develop and maintain automated systems for large-scale malware processing, unpacking, and indicator extraction.

    • Identify and solve problems and areas of improvement in analysis workflows, processes, and automated systems.

    • Plan and execute development of frontend and backend systems in the context of cyber security, cyber threat intelligence, and large-scale malware processing while balancing pragmatic short-term solutions with long-term strategies and visions.

    Key Qualifications (Required):

    • Proficiency in English both written and spoken

    • Team player in a group of international specialists with a diverse skill set

    • Strong communication and interpersonal skills. Ability to express complex technical and non-technical concepts verbally and graphically

    • Profound knowledge of programming and scripting languages, in particular Python.

    • Experience in using databases (relational, Elasticsearch, Splunk, graph-based)

    • Creativity and strong analytical skills to investigate, assess, validate, and think outside the box. Excellent problem solving skills and ability to work independently

    • Degree in Information Security/Computer Science/Computer Engineering (or commensurate experience)

    • At least five years of industry experience

    Key Qualifications (Preferred):

    • Information security background

    • Prior experience with binary file similarity research is a plus

    • Knowledge of reverse engineering tools (disassemblers, decompilers, debuggers) and processes (unpacking malware, reconstructing code logic, etc.)

    • Experience with multiple platforms (Windows, Linux, macOS, Android, etc.)

    • Low-level programming experience (for example, C)

    • Experience in User-Interface/User-Experience (UI/UX) design and development

    • Development and deployment of dockerized applications

    • An intelligence background is a plus



    Benefits of Working at CrowdStrike:

    • Market leader in compensation and equity awards
    • Competitive vacation policy
    • Comprehensive health benefits
    • Flexible work environment
    • Wellness programs
    • Stocked fridges, coffee, soda, and lots of treats

    We are committed to building an inclusive culture of belonging that not only embraces the diversity of our people but also reflects the diversity of the communities in which we work and the customers we serve. We know that the happiest and highest performing teams include people with diverse perspectives and ways of solving problems so we strive to attract and retain talent from all backgrounds and create workplaces where everyone feels empowered to bring their full, authentic selves to work.

    CrowdStrike is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex including sexual orientation and gender identity, national origin, disability, protected veteran status, or any other characteristic protected by applicable federal, state, or local law.

    By applying to this job ad, you give your consent for your information to be processed by CROWDSTRIKE.