Sr. Consultant, Cloud Incident Response (Remote)

As a global leader in cybersecurity, CrowdStrike protects the people, processes and technologies that drive modern organizations. Since 2011, our mission hasn’t changed — we’re here to stop breaches, and we’ve redefined modern security with the world’s most advanced AI-native platform. Our customers span all industries, and they count on CrowdStrike to keep their businesses running, their communities safe and their lives moving forward. We’re also a mission-driven company. We cultivate an inclusive culture that gives every CrowdStriker both the flexibility and autonomy to own their careers. We’re always looking to add talented CrowdStrikers to the team who have limitless passion, a relentless focus on innovation and a fanatical commitment to our customers, our community and each other. Ready to join a mission that matters? The future of cybersecurity starts with you.

About the Role: 

CrowdStrike is looking for highly motivated, self-driven, technical consultants dedicated to making a difference in global security by protecting organizations against the most advanced attackers in the world. Our CrowdStrike Services team offers opportunities to expand your skill set through a wide variety of engagements including front page incident response investigations for organizations you’ll find on the annual Fortune 100 list. A Sr/Principal Consultant in CrowdStrike’s Cloud Incident Response Team would be responsible for assisting our clients in identifying, responding to, and containing attacker activity in their Azure and M365 environments, as well as improving the team’s incident response capabilities by contributing to and spearheading automation projects. 

Am I A Cloud IR Sr/Principal Consultant Candidate?

• Do you find yourself interested in and keeping up with the latest Azure and M365 vulnerabilities and breaches?

• Are you self-motivated and looking for an opportunity to rapidly accelerate your skills?

• Do you crave new and innovative work that actually matters to customers?

• Do you have an Incident Response or Information Security background that you’re not fully utilizing?

• Are you capable of operating as an individual contributor?

• Are you an effective internal and customer-facing team leader?

• Do you love working around like-minded, smart people who you can learn from and mentor on a daily basis?

What You’ll Do:

• Manage projects and perform forensic analysis on incident response engagements involving Azure and M365.

• Manage projects and perform analysis on technical assessments looking for compromise or security misconfigurations in Azure and M365.

• Manage projects and deliver adversary simulation (purple team) exercises in Azure and M365.

• Produce high-quality written and verbal reports, presentations, recommendations, and findings to key stakeholders including customer management, and legal counsel.

• Demonstrate industry thought leadership through blog posts, CrowdCasts, and other public speaking events.

What You’ll Need:

Successful candidates will have experience in one or more of the following areas:

• Cloud Incident Response: knowledge in M365, Azure incident response methodologies.

• Cloud Operations: familiarity with how modern workloads work in the cloud - DevOps, CICD pipelines, containers, functions, etc. and related security defenses and pitfalls.

• Incident Response: experience supporting or managing incident response investigations for organizations, investigating targeted threats such as the Advanced Persistent Threat, Organized Crime, and Hacktivists.

• In-depth knowledge of Cloud Service Providers Forensic Analysis: a background using a variety of forensic analysis tools in incident response investigations to determine the extent and scope of compromise.

• Incident Remediation: strong understanding of targeted attacks and able to create customized tactical and strategic remediation plans for compromised organizations related to major cloud platforms.

• Communications: strong ability to communicate executive and/or detailed level findings to clients; ability to effectively communicate tasks, guidance, and methodology with internal teams

Additionally, all candidates must possess the following qualifications:

• Capable of completing technical tasks without supervision.

• Desire to grow and expand both technical and soft skills.

• Strong project management skills.

• Contributing thought leader within the incident response industry.

• Ability to foster a positive work environment and attitude.

Education: 

BA or BS / MA or MS degree in Computer Science, Computer Engineering, Math, Information Security, Information Assurance, Information Security Management, Intelligence Studies, Cybersecurity, Cybersecurity Policy, or a related field. Applicants without a degree but with relevant work experience and/or training will be considered.

#LI-AC1

#LI-Remote

This role may require the candidate to periodically undergo and pass alcohol and/or drug test(s) during the course of employment.

Benefits of Working at CrowdStrike:

• Remote-friendly and flexible work culture

• Market leader in compensation and equity awards

• Comprehensive physical and mental wellness programs 

• Competitive vacation and holidays for recharge  

• Paid parental and adoption leaves

• Professional development opportunities for all employees regardless of level or role

• Employee Resource Groups, geographic neighbourhood groups and volunteer opportunities to build connections

• Vibrant office culture with world class amenities

• Great Place to Work Certified™ across the globe

Right to Work

CrowdStrike, Inc. is committed to fair and equitable compensation practices. The base salary range for this position in the U.S. is $105,000 - $160,000 per year + variable/incentive compensation + equity + benefits. A candidate's salary is determined by various factors including, but not limited to, relevant work experience, skills, certifications, job level, supervisory status, and location.

Expected Close Date of Job Posting is:03-09-2025