Crowdstrike

Incident Response Analyst (Remote, ROU)

Romania

Auto‑apply with AI Apply

Not SpecifiedCompensation

Junior (1 to 2 years)Experience Level

Full TimeJob Type

UnknownVisa

CybersecurityIndustries

Requirements

Candidates should possess 1-3 years of hands-on SOC experience performing alert triage, incident handling, and first-responder containment while working daily with SIEM/SOAR, EDR, IDS/IPS, firewalls/proxies, email-security tools, and deep log analysis. Practical knowledge of Windows, macOS, and Linux internals and logging (Event Logs, Sysmon, auditd, etc.) is required, along with a solid grasp of TCP/IP, OSI layers, and common protocols, and proficiency with search/query languages (LQL, SPL, KQL, SQL etc.).

Responsibilities

The Incident Response Analyst will provide continuous coverage for SIEM/SOAR, EDR, network, cloud, and email-security consoles, validating alerts, enriching with context, suppressing false positives, and acting on confirmed threats. They will gather evidence from logs, host telemetry, and threat-intel feeds to determine scope, severity, and business impact, execute pre-approved playbook actions, escalate high-severity incidents, record investigative steps, and identify noisy rules or missing log sources. Additionally, they will participate in the refinement of runbooks, draft new ones, and champion automation opportunities, and collaborate with a diverse team to explain technical risk to stakeholders.

Skills

Incident Response

Alert Investigation

Live Response

Containment

Remediation

Log Analysis

Endpoint Telemetry

Security Operations

Threat Detection

Security Tools

Crowdstrike

Cloud-native endpoint security solutions provider

About Crowdstrike

CrowdStrike specializes in cybersecurity, focusing on protecting businesses from cyber threats through cloud-native endpoint security solutions. Their main product, the Falcon platform, includes services like Falcon Pro, which replaces traditional antivirus with next-generation antivirus that integrates threat intelligence, Falcon Insight for endpoint detection and response, and Falcon Device Control to manage connected devices. Unlike many competitors, CrowdStrike's services are subscription-based, allowing clients to choose different levels of protection based on their needs. The company serves a diverse clientele, including many Fortune 100 companies, and is recognized as a leader in the cybersecurity field, known for its effectiveness in threat detection and response.

Key Metrics

Austin, TexasHeadquarters

2011Year Founded

$468MTotal Funding

IPOCompany Stage

Enterprise Software, CybersecurityIndustries

5,001-10,000Employees

Benefits

Competitive Employee Stock Purchase Plan

Remote-friendly culture

Market leader in compensation and equity awards

Competitive vacation and flexible working arrangements

Comprehensive health benefits + 401k plan

Paid Parental Leave, including adoption

Wellness programs

Professional development and mentorship opportunities

Open offices have stocked kitchens, coffee, soda and treats

Risks

Increased competition from companies like Lumos could challenge CrowdStrike's market share.

Recovery from last year's outage may still affect customer trust and future sales.

Pressure to demonstrate ROI by 2025 could challenge CrowdStrike's financial transparency.

Differentiation

CrowdStrike's Falcon platform offers cloud-native endpoint security solutions, a key differentiator.

The company serves 44 of the Fortune 100, showcasing its strong market presence.

CrowdStrike's proactive threat hunting sets it apart in cybersecurity threat detection.

Upsides

Partnership with SonicWall opens new SMB market segment for CrowdStrike.

Recognition as a leader in ransomware prevention boosts CrowdStrike's market credibility.

Gamified learning initiatives help address cybersecurity skills gap, benefiting future talent pipeline.

Land your dream remote job 3x faster with AI

Try Jobo Free