At CrowdStrike we’re on a mission - to stop breaches. Our groundbreaking technology, services delivery, and intelligence gathering together with our innovations in machine learning and behavioral-based detection, allow our customers to not only defend themselves, but do so in a future-proof manner. We’ve earned numerous honors and top rankings for our technology, organization and people – clearly confirming our industry leadership and our special culture driving it. We also offer flexible work arrangements to help our people manage their personal and professional lives in a way that works for them. So if you’re ready to work on unrivaled technology where your desire to be part of a collaborative team is met with a laser-focused mission to stop breaches and protect people globally, let’s talk.
About the Role:
The CrowdStrike Endpoint Protection (EPP) Content Research team is seeking a motivated professional with strong technical skills to analyze malware. The Content Research team is focused on improving detection capability and efficacy for the Falcon Host platform through tactical analysis of ongoing attacks by criminal and nation state actors impacting our customer base.
Content Research members respond and investigate individual incidents and track large scale campaigns of malicious activity across a vast customer base leveraging the CrowdStrike Threat Graph™. The position entails researching the latest and greatest malware families and malicious behavior via deep-dive reverse engineering, and working alongside the other team members to implement high fidelity behavioral coverage.
Content Research is dedicated to responding to our customer's security needs as threats evolve and ensuring CrowdStrike maintains coverage of all relevant threats regardless of the source of attack. Falcon Host is a unique endpoint detection and response solution and security researchers on the team will have the opportunity to translate their research findings into impactful detection capabilities backed by an unprecedented number of events at their disposal for analytic initiatives.
What You’ll Need:
Experienced at binary analysis in a Windows, Linux, or Mac environment
Experienced at malware analysis in a Windows, Linux, or Mac environment
Experienced at creating IOA/IOC detection rules of some sort (Yara, platform dependent)
Advanced knowledge of x86 and x64 assembly
Experienced with static analysis tools, such as IDA/Ghidra/Binary Ninja
Solid understanding of Windows, Mac, or Linux OS internals
Knowledgeable in a variety of file formats (PE, OLE, etc)
Some understanding on how binary code is compiled, linked, and loaded
Experience with a scripting language, such as Python or Powershell
Experience with behavioral analysis tools, such as Sysinternals, Windbg, lldb
General understanding of the threats posed by malicious software
General understanding of the threat landscape
Ability to pick apart problems and reassemble them into a logical solution
Ability to create technical write-ups for the analyzed malware
Ability to communicate in a clear and concise manner
Ability to be a mentor to the junior members of the team
Ability to work independently and meet deadlines
Experience in leveraging program analysis techniques and tools to automate binary analysis
Experience in technical support, network administration, system administration, network operations, security operations, or an equivalent role
Experience in a security operations center or a similar environment responding to incidents
Experience writing applications in a Windows, Mac, or Linux environment
Exposure to Golang or Rust
Bachelor’s degree in computer science, mathematics, or work related disciplines from an accredited college or university. Equivalent work or self-guided experience is also acceptable.
Benefits of Working at CrowdStrike:
- Market leader in compensation
- Comprehensive health benefits
- Working with the latest technologies
- Training budget (certifications, conferences)
- Flexible work hours and remote friendly environment
- Wellness programs
- Stocked fridges, coffee, soda, and lots of treats
- Peer recognition
- Inclusive culture focused on people, customers and innovation
- Regular team activities, including happy hours, community service events
We are committed to building an inclusive culture of belonging that not only embraces the diversity of our people but also reflects the diversity of the communities in which we work and the customers we serve. We know that the happiest and highest performing teams include people with diverse perspectives and ways of solving problems so we strive to attract and retain talent from all backgrounds and create workplaces where everyone feels empowered to bring their full, authentic selves to work.
CrowdStrike is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex including sexual orientation and gender identity, national origin, disability, protected veteran status, or any other characteristic protected by applicable federal, state, or local law.