Threat researcher III (Remote, IND)

Posted 19 Hours Ago
Be an Early Applicant
Remote
Senior level
Cloud • Information Technology • Sales • Security • Cybersecurity
Define your future at CrowdStrike.
The Role
The Threat Research Engineer will analyze malware threats for the Falcon platform, validating and mitigating potential threats through behavior analysis, reverse engineering, and automation. The role involves processing large sample volumes, understanding file formats, and collaborating with stakeholders to enhance detection capabilities.
Summary Generated by Built In

#WeAreCrowdStrike and our mission is to stop breaches. As a global leader in cybersecurity, our team changed the game. Since our inception, our market leading cloud-native platform has offered unparalleled protection against the most sophisticated cyberattacks. We're looking for people with limitless passion, a relentless focus on innovation and a fanatical commitment to the customer to join us in shaping the future of cybersecurity. Consistently recognized as a top workplace, CrowdStrike is committed to cultivating an inclusive, remote-first culture that offers people the autonomy and flexibility to balance the needs of work and life while taking their career to the next level. Interested in working for a company that sets the standard and leads with integrity? Join us on a mission that matters - one team, one fight.
About Product Group
The CrowdStrike Malware Research Center is the core of Falcon's malware detection and response capabilities. The team has a focus on understanding the threat landscape and sets the target for what Falcon should be identifying and preventing. Additionally, the MRC is responsible for understanding our capabilities, and mapping how well our machine learning and behavioral protection capabilities are doing against those threats. Where there is a gap, the MRC takes action to improve our detection stance, and improve our overall protection story. There are many parts of CrowdStrike working towards protecting customer environments, and the MRC works across all of them to ensure we are on target and providing the best protection for our current threat landscape.
Threat Research Team
Leading the charge for understanding the activity of malware today is the Threat Research team. With a focus on malware research, the primary role of the team is to understand relevant threats and techniques used in malware that are threatening our customer's business. The challenge is the enormous scale of malware today and sheer number of samples required to be addressed. This takes a more creative approach than traditional Anti-Virus research, focusing on one sample at a time. The modern threat lab requires an economy of scale through automation and machine learning to allow people to focus on new learnings, and let systems continue to identify malware based on what the team has learned.
About the Role
The Threat Analyst will take input from many sources and validate if those threats are something Falcon can mount an effective defense against. The analysis can range from simple execution and review of the behaviors to reverse engineering. As Falcon is first a behavior based system, understanding how the threat is working and what it is doing to interact with the host environment can be important. The Threat Analyst will be expected to use the appropriate technique to efficiently understand the threat to identify how to best mitigate it. The Threat Analyst will be working on creating new Sandbox signatures and help to improve Sandbox detections.
Additionally, this role will be looked on as the go to person when new threats are reported for understanding those threats and formulating an opinion on how we should be thinking about the threat. Leaning on a proven track record of threat analysis, the successful candidate will be comfortable working to focus on the appropriate threats and clearly communicating key technical details of those threats.
As the gateway to the response organization for many new threats, good cross team collaboration skills are important. Clear, effective communication of technical details in a means which is actionable is the key to success.
Another aspect of the position is working with the engineering team to define automation improvements and process automation to reduce time and manual effort in the analysis of threats. Like communicating the threat details, prioritizing automation tasks and features will help define success of the role. Being able to understand the bigger picture of threat analysis and convey that to the engineering team which may not be familiar with the process will be required. The team will look to the successful candidate to help define and prioritize the roadmap for analysis automation. These are the tools and systems which will ultimately automate manual data collection so more time can be spent on understanding the threat.
What You'll Need

  • Bachelors or Masters in Computer Science or comparable field required.
  • 6+ year's experience in the threat research field with a focus on malware analysis.
  • A proven background in reverse engineering on file-based threats, exploits, and other attack techniques are desirable to be demonstrated at a moderate skill level.
  • A reasonable level of proficiency in disassembly. To operate at the level required to disassemble, core principles of structured programming is required
  • Expert level familiarity with at least one major Operating System is required as a behavior based system requires in-depth knowledge of how the host OS appears, as opposed to how the end user sees it.
  • A working knowledge of using MITRE ATT&CK to describe threat behaviors
  • The Threat Research team is supported by an engineering team, but proof of concept automation is produced by researchers. Showing competence handing off research to engineering to produce results and ability to produce small code projects to address immediate needs.
  • Strong interpersonal communications skills, with the ability to demonstrate leadership and team building expertise.
  • Experience with Malware Sandboxing technology like Cuckoo Sandbox is a plus.


#LI-VJ1
#LI-HM1
#LI-Remote
Benefits of Working at CrowdStrike:

  • Remote-first culture
  • Market leader in compensation and equity awards with option to participate in ESPP in eligible countries
  • Competitive vacation and flexible working arrangements
  • Physical and mental wellness programs
  • Paid parental leave, including adoption
  • A variety of professional development and mentorship opportunities
  • Access to CrowdStrike University, LinkedIn Learning and Jhanna
  • Offices with stocked kitchens when you need to fuel innovation and collaboration
  • Birthday time-off in your local country
  • Work with people who are passionate in our mission and Great Place to Work certified across the globe


CrowdStrike is proud to be an equal opportunity and affirmative action employer. We are committed to fostering a culture of belonging where everyone is valued for who they are and empowered to succeed. Our approach to cultivating a diverse, equitable, and inclusive culture is rooted in listening, learning and collective action. By embracing the diversity of our people, we achieve our best work and fuel innovation - generating the best possible outcomes for our customers and the communities they serve.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. If you need assistance accessing or reviewing the information on this website or need help submitting an application for employment or requesting an accommodation, please contact us at [email protected] for further assistance.

The Company
HQ: Austin, TX
10,000 Employees
Hybrid Workplace
Year Founded: 2011

What We Do

CrowdStrike has redefined security with the world’s most advanced cloud-native platform that protects and enables the people, processes and technologies that drive modern enterprise. Tested and proven, the world's largest organizations trust CrowdStrike to stop breaches with unparalleled protection against the most sophisticated cyberattacks.

The CrowdStrike culture has been built upon our Core Values since the day we began. We are Fanatical About the Customer, Relentlessly Focused on Innovation and believe that our Limitless Passion drives Unlimited Potential for every CrowdStriker. As a purpose-built remote-first company, we believe cultivating a connected culture for every employee, no matter where they are in the world, is a key ingredient in building a high-performing, diverse team.

We don’t have a mission statement. We’re on a mission—to stop breaches. Ready to join a mission that matters?

Why Work With Us

We have a culture that celebrates achievement, encourages flexibility and innovation and thrives on teamwork. We all work towards a single mission: to stop breaches. This common goal drives a sense of community and connection among our people across the globe.

Gallery

Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account