Threat Analyst II

  • Full Time
  • Remote
  • Mid Level
  • Jan 1, 2023

Website CrowdStrike

We Stop Breaches

#WeAreCrowdStrike and our mission is to stop breaches. As a global leader in cybersecurity, our team changed the game. Since our inception, our market leading cloud-native platform has offered unparalleled protection against the most sophisticated cyberattacks. We’re looking for people with limitless passion, a relentless focus on innovation and a fanatical commitment to the customer to join us in shaping the future of cybersecurity. Consistently recognized as a top workplace, CrowdStrike is committed to cultivating an inclusive, remote-first culture that offers people the autonomy and flexibility to balance the needs of work and life while taking their career to the next level. Interested in working for a company that sets the standard and leads with integrity? Join us on a mission that matters – one team, one fight.

About the Role:

CrowdStrike is the leader in cloud-delivered next-generation endpoint protection, threat intelligence, and pre- and post-incident response services. With the ability to collect and process over 100 billion events a day, CrowdStrike has revolutionized endpoint protection by being the first and only company to unify next-generation antivirus (AV), endpoint detection and response (EDR), and a 24/7 managed hunting service — all delivered via a single lightweight agent. We are one of the World’s 50 Most Innovative Companies according to MIT, and one of Forbes’ Most Promising Companies. Our growth and innovation are driven by incredible employees who deliver unmatched customer success.

The CrowdStrike Security Response Team is seeking a motivated professional with technical skills to analyze malware and detections. The Security Response Team is focused on improving detection capability and efficiency for the Falcon Host platform through tactical analysis of ongoing attacks by criminal and nation state actors impacting our customer base.

Security Response Analysts respond to and investigate individual incidents and track large-scale campaigns of malicious activity across a vast customer base, leveraging the CrowdStrike Threat Graph™. The analyst is responsible for reviewing and tuning detections within the platform to provide high-quality, high-fidelity detections. In addition, the analyst is responsible for reviewing the output of our machine learning algorithms to aid in continuous training efforts and provide maximum results.

Security Response is dedicated to responding to our customers’ security needs as threats evolve and to ensuring CrowdStrike maintains coverage of all relevant threats regardless of the source of attack. Falcon Host is a unique endpoint detection and response solution, and Security Analysts on the Security Response Team will have the opportunity to translate their analysis findings into impactful detection capabilities, backed by an unprecedented number of events at their disposal for analytic initiatives.

What You’ll Do:

  • Review current product detections to ensure they are performing to the company standard.
  • Perform tasks to enable detection false positive reduction.
  • Analyze binary files to determine if they are legitimate or malicious.
  • Address customer questions and concerns as they relate to detections.

What You’ll Need:

  • Exposure to and understanding of different types of malware and their functionality, gained through academic study or personal exploration.
  • Fundamental understanding of attributes of binary files, such as imports/exports and packers.
  • Understanding of Linux OS internals and Linux malware.
  • Ability to demonstrate practical knowledge of research/collection skills and analytical methods.
  • Knowledge of programming and scripting languages, in particular Python.
  • Experience with writing and testing YARA rules.

Bonus Points:

  • Experience in a security operations center or similar environment responding to incidents.
  • Familiarity with tools used in targeted and criminal intrusions.
  • A background in exploit and vulnerability analysis is a plus.
  • Knowledge of a variety of programming languages including C, C++, Java, and assembly.
  • General understanding of threat/risk management and threat/risk assessment.

Education:

BA/BS or MA/MS degree or equivalent experience in Computer Science, Information Security, or a related field.

Location: United States
Preferred: CST

To apply for this job email your details to roy.cooper@crowdstrike.com