Incident Response Sr. Consultant (Remote, SGP)

About CrowdStrike

Employment Type: Full time

As a global leader in cybersecurity, CrowdStrike protects the people, processes and technologies that drive modern organizations. Since 2011, our mission hasn’t changed — we’re here to stop breaches, and we’ve redefined modern security with the world’s most advanced AI-native platform. Our customers span all industries, and they count on CrowdStrike to keep their businesses running, their communities safe and their lives moving forward. We’re also a mission-driven company. We cultivate a culture that gives every CrowdStriker both the flexibility and autonomy to own their careers. We’re always looking to add talented CrowdStrikers to the team who have limitless passion, a relentless focus on innovation and a fanatical commitment to our customers, our community and each other. Ready to join a mission that matters? The future of cybersecurity starts with you.

About the Role

CrowdStrike is looking for a highly motivated, self-driven, incident response consultant dedicated to making a difference in global security by protecting organizations against the most advanced attackers in the world. Our CrowdStrike Services team offers opportunities to expand your skill set through a wide variety of engagements including front page incident response investigations for organizations you’ll find on the annual Fortune 100 list.

What You’ll Do

• Serve as technical lead on incident response engagements
• Develop and use new methods to hunt for bad actors across large sets of data.
• Work under the direction of outside counsel to conduct intrusion investigations
• Perform host and/or network-based forensics across Windows, Mac, and Linux platforms.
• Produce high-quality written and verbal reports, presentations, recommendations, and findings to key stakeholders including customer management, regulators, and legal counsel .
• Demonstrate industry thought leadership through blog posts, CrowdCasts, and other public speaking events.

What You’ll Need

Successful candidates will have experience in one or more of the following areas:

• Incident Response: experience conducting or managing incident response investigations for organizations, investigating targeted threats such as the Advanced Persistent Threat, Organized Crime, and Hacktivists.
• Computer Forensic Analysis: a background using a variety of forensic analysis tools in incident response investigations to determine the extent and scope of compromise.
• Network Forensic Analysis: strong knowledge of network protocols, network analysis tools like Bro/Zeek or Suricata, and ability to perform analysis of associated network logs.
• Reverse Engineering: ability to understand the capabilities of static and dynamic malware analysis.
• Incident Remediation: strong understanding of targeted attacks and able to create customized tactical and strategic remediation plans for compromised organizations.
• Network Operations and Architecture/Engineering: strong understanding of secure network architecture and strong background in performing network operations.
• Cloud Incident Response: knowledge in AWS, Azure, or GCP incident response methodologies.
• Communications: strong ability to communicate executive and/or detailed level findings to clients; ability to effectively communicate tasks, guidance, and methodology with internal teams
• Capable of completing technical tasks without supervision.
• Desire to grow and expand both technical and soft skills.
• Strong project management skills.
• Contributing thought leader within the incident response industry.
• Ability to foster a positive work environment and attitude.

Bonus Points

• GIAC Certified Incident Handler (GCIH)
• GIAC Certified Forensic Analyst (GCFA) or GCFE or GCFR
• Certified Information Systems Security Professional (CISSP)
• Certified Ethical Hacker (CEH)
• OSCP / OSCE (Offensive Security certifications for more offensive/technical IR work)
• Cloud incident response (AWS, Azure, GCP)

Education

• BA or BS / MA or M