Incident Response Principal Consultant (Remote) at Crowdstrike

California, United States

Apply Now

Not SpecifiedCompensation

Senior (5 to 8 years), Expert & Leadership (9+ years)Experience Level

Full TimeJob Type

UnknownVisa

CybersecurityIndustries

Requirements

US based candidates located in Pacific or Mountain time zone
Team leadership experience in a matrixed consulting environment
Incident Response experience conducting or managing investigations for organizations, including targeted threats such as Advanced Persistent Threat, Organized Crime, and Hacktivists
Computer Forensic Analysis background using a variety of forensic tools in incident response investigations
Network Forensic Analysis: strong knowledge of network protocols, tools like Bro/Zeek or Suricata, and analysis of network logs
Reverse Engineering: ability to understand capabilities via static and dynamic malware analysis
Incident Remediation: strong understanding of targeted attacks and ability to create customized tactical and strategic remediation plans
Network Operations and Architecture/Engineering: strong understanding of secure network architecture and background in network operations
Cloud Incident Response: knowledge in AWS, Azure, or GCP incident response methodologies
Communications: strong ability to communicate executive and detailed findings to clients, and effectively communicate tasks and guidance

Responsibilities

Lead incident response engagements
Develop and use new methods to hunt for bad actors across large sets of data
Work under the direction of outside counsel to conduct intrusion investigations
Perform host and/or network-based forensics across Windows, Mac, and Linux platforms
Perform basic malware analysis
Produce high-quality written and verbal reports, presentations, recommendations, and findings to key stakeholders including customer management, regulators, and legal counsel
Demonstrate industry thought leadership through blog posts, CrowdCasts, and other public speaking events

Skills

Key technologies and capabilities for this role

Incident ResponseInformation SecurityCybersecurityVulnerability AnalysisBreach InvestigationTeam LeadershipCustomer Engagement

Questions & Answers

Common questions about this position

Is this position remote?

Yes, this is a remote position for US-based candidates located in either Pacific or Mountain time zones.

What are the key responsibilities of this role?

Responsibilities include leading incident response engagements, developing methods to hunt for bad actors, performing forensics across Windows, Mac, and Linux, basic malware analysis, and producing reports for stakeholders.

What experience is required for this Principal Consultant role?

Candidates need team leadership experience in a matrixed consulting environment and incident response experience conducting or managing investigations for targeted threats like Advanced Persistent Threats, Organized Crime, and Hacktivists, plus computer forensic analysis skills.

What is the company culture like at CrowdStrike?

CrowdStrike cultivates a culture that gives every employee flexibility and autonomy to own their careers, with a focus on limitless passion, relentless innovation, and commitment to customers, community, and each other, while working with like-minded smart people.

What makes a strong candidate for this role?

Strong candidates are highly motivated, self-driven technical experts with incident response or information security background, capable of leading teams, interacting with customers, staying current on vulnerabilities and breaches, and demonstrating thought leadership.

Crowdstrike

Cloud-native endpoint security solutions provider

About Crowdstrike

CrowdStrike specializes in cybersecurity, focusing on protecting businesses from cyber threats through cloud-native endpoint security solutions. Their main product, the Falcon platform, includes services like Falcon Pro, which replaces traditional antivirus with next-generation antivirus that integrates threat intelligence, Falcon Insight for endpoint detection and response, and Falcon Device Control to manage connected devices. Unlike many competitors, CrowdStrike's services are subscription-based, allowing clients to choose different levels of protection based on their needs. The company serves a diverse clientele, including many Fortune 100 companies, and is recognized as a leader in the cybersecurity field, known for its effectiveness in threat detection and response.

Austin, TexasHeadquarters

2011Year Founded

$468MTotal Funding

IPOCompany Stage

Enterprise Software, CybersecurityIndustries

5,001-10,000Employees

Benefits

Competitive Employee Stock Purchase Plan

Remote-friendly culture

Market leader in compensation and equity awards

Competitive vacation and flexible working arrangements

Comprehensive health benefits + 401k plan

Paid Parental Leave, including adoption

Wellness programs

Professional development and mentorship opportunities

Open offices have stocked kitchens, coffee, soda and treats

Risks

Increased competition from companies like Lumos could challenge CrowdStrike's market share.

Recovery from last year's outage may still affect customer trust and future sales.

Pressure to demonstrate ROI by 2025 could challenge CrowdStrike's financial transparency.

Differentiation

CrowdStrike's Falcon platform offers cloud-native endpoint security solutions, a key differentiator.

The company serves 44 of the Fortune 100, showcasing its strong market presence.

CrowdStrike's proactive threat hunting sets it apart in cybersecurity threat detection.

Upsides

Partnership with SonicWall opens new SMB market segment for CrowdStrike.

Recognition as a leader in ransomware prevention boosts CrowdStrike's market credibility.

Gamified learning initiatives help address cybersecurity skills gap, benefiting future talent pipeline.

Land your dream remote job 3x faster with AI

Try Jobo Free