About the RoleThe CrowdStrike Endpoint Protection (EPP) Content Research and Response is seeking a motivated professional with technical skills to analyze malicious files and behaviors, intrusions, and implement detections to “stop the adversary”. This person will coordinate with our in-house emulation teams to support third party testing by creating detection content across different platforms. The Content Research and Response is focused on improving detection capability and efficiency for the Falcon Host platform through tactical analysis of ongoing attacks by criminal and nation state actors impacting our customer base. If you have a strong passion for security and technology, have an interest in supporting engineering projects, and want to gain real-world experience in dealing with advanced threat actors (be they nation-state, criminal, hacktivist or other), we have a role for you!We would like to hear from you if:You are familiar with the MITRE ATT&CK framework and had exposure with third party AV/EDR testing (AV Comparatives, AV Test, SE Labs, etc),You can demonstrate experience in conventional network\host-based intrusion analysis, digital forensics or malware analysis ,You are comfortable assessing cyber threat intelligence, open source intelligence or partner reporting,You have a keen interest in security research field (following subject matter expert blogs, building up static and dynamic analysis environment),You have knowledge of programming and scripting languages, in particular Python or Go,You have a good understanding of administrative functions of Windows,You are capable and comfortable communicating information to both technical and nontechnical stakeholders,You have a deep drive to “stop the bad guys”,You are looking for a dynamic, fast-paced and challenging role in an unconventional team environment,You have a Bachelor’s degree in information security, computer science or equivalent work experience.Bonus points awarded for:Knowledge of different operating system platforms (Windows, Unix, Mac)Experience in a security operations center or similar environment tracking threat actors and responding to incidents.Contributions to the open source community (GitHub, Stack Overflow, blogging)Published research papers at conferences or through other mediums (blogs, articles)#LI-DM1#LI-CF#LI-RemoteBenefits of Working at CrowdStrike:Remote-friendly cultureMarket leader in compensation and equity awardsWellness programsA variety of professional development and mentorship opportunitiesOpen offices have stocked kitchens, coffee, soda and treatsInclusive culture focused on people, customers and innovation
Threat Hunter, Romania (Remote) in Bucuresti
Datele de contact vor fi vizibile dupa ce veti aplica!