Sr. Consultant - Cloud Threat Hunting (Remote)

#WeAreCrowdStrike and our mission is to stop breaches. As a global leader in cybersecurity, our team changed the game. Since our inception, our market leading cloud-native platform has offered unparalleled protection against the most sophisticated cyberattacks. We’re looking for people with limitless passion, a relentless focus on innovation and a fanatical commitment to the customer to join us in shaping the future of cybersecurity. Consistently recognized as a top workplace, CrowdStrike is committed to cultivating an inclusive, remote-first culture that offers people the autonomy and flexibility to balance the needs of work and life while taking their career to the next level. Interested in working for a company that sets the standard and leads with integrity? Join us on a mission that matters - one team, one fight.

About the Role:

CrowdStrike is looking for highly motivated, self-driven, cloud threat hunters dedicated to making a difference in global security by protecting organizations against the most advanced adversaries in the world. Our CrowdStrike Professional Services team offers opportunities to expand your skill set through a wide variety of impactful consulting engagements for many of the world's leading organizations.

The Cloud Threat Hunting Senior Consultant would be responsible for conducting compromise assessments in cloud environments to identify active and historical threats, reviewing cloud control plane configurations and providing actionable recommendations to enhance the security posture of customer cloud environments.

Am I A Cloud Threat Hunting Candidate?

•  Do you find yourself interested in and keeping up with the latest Azure, M365, AWS, GCP, and/or OCI feature announcements, as well as vulnerabilities and breaches?

• Are you self-motivated and looking for an opportunity to rapidly accelerate your skills?

• Do you crave new and innovative work that actually matters to your customer?

• Do you have a technical Information Security background that you’re not fully utilizing?

• Are you capable of operating as an individual contributor and occasionally leading teams and interacting with customers?

• Do you love working around like-minded, smart people who you can learn from and mentor on a daily basis?

What You’ll Do:

• Leverage analytics, statistical analysis, and threat intelligence to analyze logs from cloud platforms to identify historical and active threats.

• Review security configurations in cloud environments, correlate discrete data points, and identify cloud control plane configurations associated with threat activity.

• Identify identity and control plane configurations that may expose cloud environments to threats and unauthorized access.

• Write queries and simple scripts to extract data of interest, pivot on initial findings, correlate data across multiple sources, and identify outliers that may be indicative of threat activity.

• Manage small client engagements, lead internal teams, and provide regular status updates to clients regarding project status and findings.

• Produce high-quality written and verbal reports, presentations, recommendations, and findings to key stakeholders including customer management, regulators, and legal counsel.

• Demonstrate industry thought leadership through blog posts, CrowdCasts, and other public speaking events.

What You’ll Need:

Successful candidates will have experience in one or more of the following areas:

• A strong understanding of one or more of the following cloud platforms: Azure, M365, AWS, GCP, or OCI, including identity, architecture, security, and logging.

• Strong analytical skills, attention to details, and ability to work with large data sets up to terabytes in size.

• 3-5 years of hands-on threat hunting experience in cloud and/or on-premises environments. 

• Excellent communication skills, including a strong ability to communicate executive and/or detailed level findings to clients; ability to effectively communicate tasks, guidance, and methodology with internal teams.

Experience/training in the topics below is beneficial but not essential for consideration:

• Cloud Operations: familiarity with modern cloud workloads - DevOps, CICD pipelines, containers, and related security defenses and pitfalls.

• Cloud Incident Response: knowledge in AWS, Azure, M365, or GCP incident response methodologies.

• Incident Remediation: strong understanding of targeted attacks and able to create customized tactical and strategic remediation plans for compromised organizations related to major cloud platforms.

Additionally, all candidates must possess the following qualifications:

• Capable of completing technical tasks without supervision.

• Desire to grow and expand both technical and soft skills.

• Strong project management skills.

• Contributing thought leader within the cloud security/incident response industry.

• Ability to foster a positive work environment and attitude.

Education & Certifications: 

BA or BS / MA or MS degree in Computer Science, Computer Engineering, Math, Information Security, Information Assurance, Information Security Management, Intelligence Studies, Cybersecurity, Cybersecurity Policy, or a related field. Applicants without a degree but with relevant work experience and/or training will be considered.

Holders of a CISSP, CISA, CISM, CCSP, or any practitioner or security certifications in AWS, Azure and GCP may be considered in lieu of or in addition to a degree.

#LI-AC1 

#LI-Remote

Benefits of Working at CrowdStrike:

• Remote-first culture

• Market leader in compensation and equity awards

• Competitive vacation and flexible working arrangements 

• Comprehensive and inclusive health benefits

• Physical and mental wellness programs

• Paid parental leave, including adoption 

• A variety of professional development and mentorship opportunities

• Offices with stocked kitchens when you need to fuel innovation and collaboration

Right to Work