Security Researcher Intern

As a global leader in cybersecurity, CrowdStrike protects the people, processes and technologies that drive modern organizations. Since 2011, our mission hasn’t changed — we’re here to stop breaches, and we’ve redefined modern security with the world’s most advanced AI-native platform. Our customers span all industries, and they count on CrowdStrike to keep their businesses running, their communities safe and their lives moving forward. We’re also a mission-driven company. We cultivate an inclusive culture that gives every CrowdStriker both the flexibility and autonomy to own their careers. We’re always looking to add talented CrowdStrikers to the team who have limitless passion, a relentless focus on innovation and a fanatical commitment to our customers, our community and each other. Our University Recruiting program is dedicated to attracting and cultivating the future leaders of this industry. This program offers paid positions for students and recent grads, designed to provide exposure to work that makes an impact while being supported through a structured experience with seasoned professionals. Ready to join a mission that matters? The future of cybersecurity starts with you.

About the Role:

CrowdStrike is looking for a Security Research Engineer Intern to join our growing Endpoint Protection (EPP) Content Product Group to focus on  Red Team DevOps and Adversarial Emulation on Windows, macOS, and Linux as part of the Gap Analysis Team (GAT).

GAT is a central part of CrowdStrike’s mission - “We Stop Breaches."  On this team, we implement strategies and processes that emulate malicious behavior seen in the wild with automation at the forefront of our work. We take pride in creating modular emulation solutions that allow us to dynamically configure adversary emulations in a scalable manner. Our goal is to automatically stop the bad guys where possible, and to provide useful visibility and guidance to security analysts and engineering teams when new previously unknown adversarial activity occurs. We research attacker behavior to understand their tools and techniques, and build capabilities to detect and prevent malicious activity. The team is unique in that it provides red team subject matter expertise to many defense focused groups within CrowdStrike.

What You’ll Do:

• Learn about the analysis and development of adversarial emulations across multiple C2 frameworks including Cobalt Strike, Metasploit, Mythic and many more. 

• Work collaboratively to emulate new attack chains seen by our customers, determine Falcons coverage, and make recommendations for new or improved detection content. 

• Work with DevOps tools like Docker, Jenkins, Git, Ansible, and Kubernetes to further automate and scale the testing of adversary emulations.

What You’ll Need:

• A rising junior, senior, or graduate-level student currently working towards a Computer Science/Engineering/Mathematics degree, graduating between December 2025 - June 2026

• Knowledge of red team C2 frameworks such as Cobalt Strike, Metasploit, PoshC2, and Mythic including scripting languages that are used by these frameworks.

• Experience with DevOps pipelines for red team engagements, testing, or reverse engineering. 

• Understanding of tools such as Git, Jenkins, Docker, Kubernetes, and Ansible 

• Understanding of MITRE ATT&CK. Experience mapping ATT&CK chains to MITRE ATT&CK TTPs

• Ability to pick apart problems and reassemble them into a logical solution 

• Ability to create technical write-ups for analyzed attack chains

Bonus Points:

• Understanding of Windows OS internals. Including development of windows exploits or post exploitation/enumeration  toolsets

• Experience with behavioral analysis tools, such as Sysinternals, Windbg

• Development experience writing Golang code including testing and the use of CI/CD

• Knowledge of adversary emulation frameworks including Atomic Red Team or Caldera

• Exposure to static analysis tools, such as IDA/Ghidra/Radare

• Understanding of C++, C#, and other compiled languages

#LI-Remote

#LI-MK3

What You Can Expect:

• Remote-friendly and flexible work culture

• Market leader in compensation and equity awards

• Paid holidays (including birthday holidays) and 401k matching (where applicable)

• Professional development opportunities including workshops, tech talks, and Executive Speaker Series

• Assigned mentors from across the company for continuous support and feedback

• Participation in companywide initiatives including ERGs, FalconFIT, Wellness Programs, and Employee Assistance Program

• Employee Resource Groups, geographic neighbourhood groups and volunteer opportunities to build connections

• Vibrant office culture with world class amenities

• Ownership of impactful projects that move the company forward

• Great Place to Work Certified™ across the globe

CrowdStrike is proud to be an equal opportunity employer. We are committed to fostering a culture of belonging where everyone is valued for who they are and empowered to succeed. We support veterans and individuals with disabilities through our affirmative action program.

Right to Work