Crowdstrike

Lead Threat Hunter (Remote)

United States

Not SpecifiedCompensation
Senior (5 to 8 years)Experience Level
Full TimeJob Type
UnknownVisa
CybersecurityIndustries

Position Overview

  • Location Type: [Not Specified]
  • Job Type: Full-time
  • Salary: [Not Specified]

As a global leader in cybersecurity, CrowdStrike protects the people, processes and technologies that drive modern organizations. Since 2011, our mission hasn’t changed — we’re here to stop breaches, and we’ve redefined modern security with the world’s most advanced AI-native platform. Our customers span all industries, and they count on CrowdStrike to keep their businesses running, their communities safe and their lives moving forward. We’re also a mission-driven company. We cultivate a culture that gives every CrowdStriker both the flexibility and autonomy to own their careers. We’re always looking to add talented CrowdStrikers to the team who have limitless passion, a relentless focus on innovation and a fanatical commitment to our customers, our community and each other. Ready to join a mission that matters? The future of cybersecurity starts with you.

About this Role

As a Lead Threat Hunter, you will be a key member of our Security Operations team, driving the detection, investigation, and response to advanced cyber threats. In this role, you will design and refine detection patterns across various technologies, participate in active threat hunting, and guide the organization's security posture with your insights and expertise. Your ability to operate across a wide array of data sources, maintain rigorous confidentiality, and provide hands-on incident response will be critical to safeguarding CrowdStrike's assets and reputation.

What You’ll Do

Leadership & Program Management:

  • Lead and define organizational threat hunting strategy
  • Guide and mentor junior threat hunters
  • Provide technical leadership and expertise to the Incident Response team
  • Design and implement structured hunting frameworks
  • Prioritize hunting operations based on threat intelligence and risk
  • Measure and report on program effectiveness
  • Champion agile project management fundamentals for hunting initiatives

Threat Detection & Analysis:

  • Develop detection patterns across different technologies and log sources
  • Triage detections to identify and remediate threats, including containment and live response
  • Execute structured threat hunting missions using hypothesis-driven approaches
  • Create and implement custom hunting queries and detection logic
  • Leverage structured analytic techniques and MITRE ATT&CK framework to track adversarial behavior

Incident Response & Escalation:

  • Participate in incident response activities, providing technical expertise
  • Offer on-demand after-hours support for critical security incidents
  • Collaborate with cross-functional teams on threat mitigation
  • Transform hunt findings into actionable incident response procedures
  • Develop threat hunting use cases based on incident response findings

Security Data Management & Reporting:

  • Identify coverage gaps and optimize security data and tooling
  • Prepare and present hunting metrics to technical and executive stakeholders
  • Utilize OSINT and closed intelligence sources for threat analysis
  • Maintain comprehensive hunt documentation and knowledge base
  • Develop and maintain hunting dashboards for program visibility

Tooling & Integration:

  • Engineer and tune security detections for SOAR, SIEM, and TIP
  • Develop and maintain custom hunting tools and scripts
  • Integrate hunting capabilities into existing security stack
  • Automate routine hunting tasks and data collection

Cross-functional Collaboration:

  • Partner with key stakeholders (Networking, Infrastructure, DevOps)
  • Coordinate threat management approaches across security teams
  • Present findings and recommendations to various audience levels
  • Drive continuous improvement through knowledge sharing and innovation

What You'll Need

Education & Experience:

  • Bachelor's degree (or equivalent experience) in a computer-related field
  • 8+ years of progressive experience in Information Security, Threat Hunting, or related roles
  • US Citizenship required due to direct work on GovCloud

Technical Expertise:

  • Proven understanding of the MI

Skills

Threat Hunting
Cybersecurity
Incident Response
Detection Patterns
Threat Intelligence
Data Analysis
Security Operations
Program Management
Leadership
Mentoring

Crowdstrike

Cloud-native endpoint security solutions provider

About Crowdstrike

CrowdStrike specializes in cybersecurity, focusing on protecting businesses from cyber threats through cloud-native endpoint security solutions. Their main product, the Falcon platform, includes services like Falcon Pro, which replaces traditional antivirus with next-generation antivirus that integrates threat intelligence, Falcon Insight for endpoint detection and response, and Falcon Device Control to manage connected devices. Unlike many competitors, CrowdStrike's services are subscription-based, allowing clients to choose different levels of protection based on their needs. The company serves a diverse clientele, including many Fortune 100 companies, and is recognized as a leader in the cybersecurity field, known for its effectiveness in threat detection and response.

Austin, TexasHeadquarters
2011Year Founded
$468MTotal Funding
IPOCompany Stage
Enterprise Software, CybersecurityIndustries
5,001-10,000Employees

Benefits

Competitive Employee Stock Purchase Plan
Remote-friendly culture
Market leader in compensation and equity awards
Competitive vacation and flexible working arrangements
Comprehensive health benefits + 401k plan
Paid Parental Leave, including adoption
Wellness programs
Professional development and mentorship opportunities
Open offices have stocked kitchens, coffee, soda and treats

Risks

Increased competition from companies like Lumos could challenge CrowdStrike's market share.
Recovery from last year's outage may still affect customer trust and future sales.
Pressure to demonstrate ROI by 2025 could challenge CrowdStrike's financial transparency.

Differentiation

CrowdStrike's Falcon platform offers cloud-native endpoint security solutions, a key differentiator.
The company serves 44 of the Fortune 100, showcasing its strong market presence.
CrowdStrike's proactive threat hunting sets it apart in cybersecurity threat detection.

Upsides

Partnership with SonicWall opens new SMB market segment for CrowdStrike.
Recognition as a leader in ransomware prevention boosts CrowdStrike's market credibility.
Gamified learning initiatives help address cybersecurity skills gap, benefiting future talent pipeline.

Land your dream remote job 3x faster with AI