Key Facts

Remote From:

India

Full time

Mid-level (2-5 years)

English

Hard Skills

Other Skills

•
Unpacking
•
Communication
•
Prioritization
•
Creativity
•
Problem Solving

Roles & Responsibilities

Bachelor's or Master's degree in Computer Science or a comparable field.
8+ years of threat research experience focusing on malware analysis and automation.
Proficiency in one or more high-level programming languages (Python, Go, Rust) and experience with relational and/or NoSQL databases (e.g., MySQL, Cassandra, Elasticsearch).
Strong knowledge of executable file formats and ability to create parsers; experience with static and behavioral malware analysis; familiarity with malware sandboxing technologies (AMSI, ETW, API hooking).

Requirements:

Assess incoming threat signals to determine if Falcon can mount effective defenses, using execution, behavior review, and reverse engineering as needed.
Perform behavior-based malware analysis to understand how threats operate within host environments and plan mitigations.
Develop automations and custom parsers to process large volumes of samples and build scalable sample processing pipelines.
Collaborate with cross-functional teams to define and prioritize automation roadmaps, and implement processes that reduce manual analysis effort.

CrowdStrike

Cybersecurity

About CrowdStrike

CrowdStrike, a global cybersecurity leader, has redefined modern security with one of the world’s most advanced cloud-native platforms for protecting critical areas of enterprise risk – endpoints and cloud workloads, identity and data. Powered by the CrowdStrike Security Cloud, the CrowdStrike Falcon® platform leverages real-time indicators of attack, threat intelligence, evolving adversary tradecraft and enriched telemetry from across the enterprise to deliver hyper-accurate detections, automated protection and remediation, elite threat hunting and prioritized observability of vulnerabilities. Purpose-built in the cloud with a single lightweight-agent architecture, the Falcon platform enables customers to benefit from rapid and scalable deployment, superior protection and performance, reduced complexity and immediate time-to-value. CrowdStrike: We stop breaches. Learn more: https://www.crowdstrike.com/ Start a free trial today: https://www.crowdstrike.com/free-trial-guide/

Company type: Large

Industry: Cybersecurity

Founded: 2018

Company size: 5001 - 10000

Website LinkedIn See all jobs →

Job description

As a global leader in cybersecurity, CrowdStrike protects the people, processes and technologies that drive modern organizations. Since 2011, our mission hasn’t changed — we’re here to stop breaches, and we’ve redefined modern security with the world’s most advanced AI-native platform. Our customers span all industries, and they count on CrowdStrike to keep their businesses running, their communities safe and their lives moving forward. We’re also a mission-driven company. We cultivate a culture that gives every CrowdStriker both the flexibility and autonomy to own their careers. We’re always looking to add talented CrowdStrikers to the team who have limitless passion, a relentless focus on innovation and a fanatical commitment to our customers, our community and each other. Ready to join a mission that matters? The future of cybersecurity starts with you.

About Product Group:
The CrowdStrike Malware Research Center is the core of Falcon’s malware detection and response capabilities. The team has a focus on understanding the threat landscape and sets the target for what Falcon should be identifying and preventing. Additionally, the MRC is responsible for understanding our capabilities, and mapping how well our machine learning and behavioral protection capabilities are doing against those threats. Where there is a gap, the MRC takes action to improve our detection stance, and improve our overall protection story. MRC also performs pathfinding research to enable technology development using innovation, prototyping and bleeding edge machine learning to support our flagship Falcon product. There are many parts of CrowdStrike working towards protecting customer environments, and the MRC works across all of them to ensure we are on target and providing the best protection for our current Threat landscape.

About the Role:

Leading the charge for understanding the activity of malware today is the Threat Research team. With a focus on malware research, the primary role of the team is to understand relevant threats and techniques used in malware that are threatening our customer’s business. The challenge is the enormous scale of malware today and sheer number of samples required to be addressed. This takes a more creative approach than traditional Anti-Virus research, focusing on one sample at a time. The modern threat lab requires an economy of scale through automation and machine learning to allow people to focus on new learnings, and let systems continue to identify malware based on what the team has learned.

What You’ll Do:

The Threat Reseacher will take input from many sources and validate if those threats are something Falcon can mount an effective defense against. The analysis can range from simple execution and review of the behaviors to reverse engineering. As Falcon is first a behavior based system, understanding how the threat is working and what it is doing to interact with the host environment can be important. The Threat Analyst will be expected to use the appropriate technique to efficiently understand the threat to identify how to best mitigate it. The Threat Analyst will work with other stakeholders and create automations for processing large numbers of samples. The analyst needs to have a good understanding of various file formats and familiarity with unpacking of common packers.
Additionally, this role will be looked on as the go to person when the team needs to quickly process a large amount of samples with custom parsers or create custom file type specific processing workflows. Leaning on a proven track record of threat analysis, the successful candidate will be comfortable working to focus on the appropriate threats and identifying automation opportunities.
As the gateway to the response organization for many new threats, good cross team collaboration skills are important. Clear, effective communication of technical details in a means which is actionable is the key to success.

Another aspect of the position is to define and automate processes to reduce time and manual effort in the analysis of threats. Like communicating the threat details, prioritizing automation tasks and features will help define success of the role. The analyst needs to understand the bigger picture of threat analysis and work with stakeholders to reduce manual steps. The team will look to the successful candidate to help define and prioritize the roadmap for analysis automation and implementation. These are the tools and systems which will ultimately automate manual data collection so more time can be spent on understanding the threat.

What You’ll Need:

Bachelors or Masters in Computer Science or comparable field.
8+ year’s experience in the threat research field with a focus on malware analysis and research automations.
Knowledge of various executable file formats and ability to create parsers is a must.
Experience in one or more high level programming languages (Python, Go, Rust, etc.) is preferred
Experience in working with relational and non-relational/NoSQL databases technologies like MySQL, Cassandra, ElasticSearch is a plus.
Some experience with building scalable sample processing solutions.
A reasonable level of proficiency in static and behavioral analysis of Malware.
A working knowledge of Malware Sandboxing technology, AMSI, ETW and API hooking work is a plus.

#LI-VJ1

#LI-Remote

Benefits of Working at CrowdStrike:

Market leader in compensation and equity awards
Comprehensive physical and mental wellness programs
Competitive vacation and holidays for recharge
Paid parental and adoption leaves
Professional development opportunities for all employees regardless of level or role
Employee Networks, geographic neighborhood groups, and volunteer opportunities to build connections
Vibrant office culture with world class amenities
Great Place to Work Certified™ across the globe

CrowdStrike is proud to be an equal opportunity employer. We are committed to fostering a culture of belonging where everyone is valued for who they are and empowered to succeed. We support veterans and individuals with disabilities through our affirmative action program.

CrowdStrike is committed to providing equal employment opportunity for all employees and applicants for employment. The Company does not discriminate in employment opportunities or practices on the basis of race, color, creed, ethnicity, religion, sex (including pregnancy or pregnancy-related medical conditions), sexual orientation, gender identity, marital or family status, veteran status, age, national origin, ancestry, physical disability (including HIV and AIDS), mental disability, medical condition, genetic information, membership or activity in a local human rights commission, status with regard to public assistance, or any other characteristic protected by law. We base all employment decisions--including recruitment, selection, training, compensation, benefits, discipline, promotions, transfers, lay-offs, return from lay-off, terminations and social/recreational programs--on valid job requirements.

If you need assistance accessing or reviewing the information on this website or need help submitting an application for employment or requesting an accommodation, please contact us at recruiting@crowdstrike.com for further assistance.

Ready to apply?

APPLY

Share ·