Cloud Security Red Team Engineer (Remote)

​​#WeAreCrowdStrike and our mission is to stop breaches. As a global leader in cybersecurity, our team changed the game. Since our inception, our market leading cloud-native platform has offered unparalleled protection against the most sophisticated cyberattacks. We’re looking for people with limitless passion, a relentless focus on innovation and a fanatical commitment to the customer to join us in shaping the future of cybersecurity. Consistently recognized as a top workplace, CrowdStrike is committed to cultivating an inclusive, remote-first culture that offers people the autonomy and flexibility to balance the needs of work and life while taking their career to the next level. Interested in working for a company that sets the standard and leads with integrity? Join us on a mission that matters - one team, one fight.

Malware Research Center:

The CrowdStrike Malware Research Center (MRC) is at the core of Falcon’s malware detection and response capabilities. The team focuses on understanding the threat landscape and sets the target for what Falcon should be detecting and preventing. Additionally, the MRC is responsible for understanding our capabilities and mapping how well our machine learning and behavioral protection capabilities are doing against those threats. Where there is a gap, the MRC takes action to improve our detection stance and overall protection story. There are many parts of CrowdStrike working towards protecting customer environments and the MRC works across all of them to ensure we are on target and providing the best protection for the current threat landscape.

About the Role:

The cloud security red team engineer will work on a team dedicated to simulating known threat actors, evaluating advanced techniques, and researching new techniques to evaluate and improve CrowdStrike’s Falcon platform. They are expected to be able to develop tools, plan, and oversee assessment execution to help engineering teams measure and improve the product strongly focused on cloud environments

What You’ll Do:

• Design, implement, and execute adversarial simulations, technique research, product measurement, reporting, and metrics.

• Replicate and implement cloud-specific attack scenarios and evasion techniques

• Perform tradecraft analysis of malware and offensive security tools.

• Report results, including mitigations strategies, for both management and technical audiences.

• Must be able to effectively communicate at all levels within CrowdStrike.

• Work with a diverse team and assist in developing and improving Falcon’s effectiveness.

What You'll Need:

• Bachelor’s Degree in a technical field or related experience.

• Minimum 5 years of experience in a Red Team/Penetration Testing activities is highly preferred.

• Security community participation (conference speaker, tool development contributor) is valued.

• Comprehensive understanding of the security methodologies, technologies, and best practices.

• Experience with EDR bypass and tampering.

• Windows / Linux / Mac operating systems

• Experience with public cloud providers (AWS, Azure, GCP, etc.)

• Familiarity with cloud-specific security tools and services (AWS IAM, Azure Security Center, GCP Cloud Security Command Center, etc.)

• Experience with security of container orchestration platforms (Kubernetes, ECS, AKS, etc.)

• Understanding of cloud-specific attack vectors and vulnerabilities (e.g., serverless attacks, API abuse, KMS exploitation, container escape, etc.)

• Experience in one or more high level programming languages (C/C++, Rust, .Net, Go, etc) and low-level programming languages (ASM).

• Experience with Red Teaming (vulnerability/penetration testing/adversary emulation/adversary simulation assessments)

• Experience with MITRE ATT&CK Framework.

• Desirable Certifications: AWS Certified Security - Specialty, Microsoft Certified: Azure Security Engineer Associate , Google Cloud Certified - Professional Cloud Security Engineer, OSCP, GPEN, OSCE, GCIH, GXPN, GREM, OSEP.

#LI-Remote
#LI-EV1

#LI-JP2 

#LI-GT1 

Benefits of Working at CrowdStrike:

• Remote-first culture

• Market leader in compensation and equity awards with option to participate in ESPP in eligible countries

• Competitive vacation and flexible working arrangements

• Physical and mental wellness programs 

• Paid parental leave, including adoption 

• A variety of professional development and mentorship opportunities

• Access to CrowdStrike University, LinkedIn Learning and Jhanna

• Offices with stocked kitchens when you need to fuel innovation and collaboration

• Birthday time-off in your local country

• Work with people who are passionate in our mission and Great Place to Work certified across the globe