Crowdstrike

Penetration Test Engineer (Remote, ROU)

Romania

Not SpecifiedCompensation
Junior (1 to 2 years)Experience Level
Full TimeJob Type
UnknownVisa
CybersecurityIndustries

Position Overview

  • Location Type: [Not Specified]
  • Job Type: Full time
  • Salary: [Not Specified]

As a global leader in cybersecurity, CrowdStrike protects the people, processes and technologies that drive modern organizations. Since 2011, our mission hasn’t changed — we’re here to stop breaches, and we’ve redefined modern security with the world’s most advanced AI-native platform. Our customers span all industries, and they count on CrowdStrike to keep their businesses running, their communities safe and their lives moving forward. We’re also a mission-driven company. We cultivate a culture that gives every CrowdStriker both the flexibility and autonomy to own their careers. We’re always looking to add talented CrowdStrikers to the team who have limitless passion, a relentless focus on innovation and a fanatical commitment to our customers, our community and each other. Ready to join a mission that matters? The future of cybersecurity starts with you.

This position is responsible for developmental and operational penetration testing for our product and all our online properties. This position requires someone with expertise in manual and automated web application penetration testing with the knowledge needed to breach security defenses. The ideal candidate will have at least two years of experience performing penetration tests using a mix of commercially available, open source, and personally built tools. A solid understanding of network protocols, server and web application weaknesses is also needed. The successful candidate will also have good communication skills and will provide a high level of security expertise to the company while working in a complex distributed environment.

Responsibilities

  • Perform comprehensive penetration testing assessments across the organization.
  • Manage the entire lifecycle of penetration testing findings from discovery, triage, advising, remediation, and validation.
  • Work with various different business units to perform penetration testing assessments on systems or applications before go live rollouts.
  • Examine systems and applications to assess the current security posture.
  • Manage penetration testing related tickets to ensure issues are remediated within proper timelines.
  • Advocate for security best practices across the organization.

Requirements

  • Advanced knowledge of server and client operating systems.
  • Extensive computer skills and an understanding of networking, cryptography, web applications, databases, and wireless technologies.
  • Ability to prioritize impactful findings and drive these items to remediation.
  • Experience working with Mac, Windows, Linux and/or other Unix-like variants.
  • Extensive understanding of TCP, UDP, HTTP, IP and other network protocols.
  • A detailed understanding of how to triage vulnerabilities using CVSS calculators and the ability to validate security related findings.
  • Possess the ability to work independently.
  • Proactive go-getter attitude to solve challenging problems.
  • Stays up to date with current vulnerabilities and vulnerability related news in various industries.
  • Ability to automate and script tasks using your preferred language (e.g. GoLang, Python, Ruby, Perl, BASH).
  • The ability to work remotely with teammates across the organization and maintain healthy working relationships.

Bonus Points

  • Familiarity with the OWASP Top 10 list
  • Experience working with cloud technologies (AWS, GCP, Azure, Kubernetes or docker), infrastructure as code tools (e.g., Terraform, Ansible), and/or container technologies
  • Familiarity with common threat actor tools, techniques, and procedures (TTPs), attack kill chains, and security control evasion.
  • Experience executing effective email phishing campaigns with custom domains, website hosting, payload delivery, credential harvesting, and additional components in this area.
  • Ability to utilize and write scripts against common web APIs (REST, SOAP).
  • Knowledge of cloud platforms and highly concurrent systems.
  • Knowledge of build pipelines and CI

Skills

Web Application Penetration Testing
Manual Testing
Automated Testing
Network Protocols
Security Weaknesses
Security Breach Techniques
Security Tools (Commercial, Open Source, Custom)

Crowdstrike

Cloud-native endpoint security solutions provider

About Crowdstrike

CrowdStrike specializes in cybersecurity, focusing on protecting businesses from cyber threats through cloud-native endpoint security solutions. Their main product, the Falcon platform, includes services like Falcon Pro, which replaces traditional antivirus with next-generation antivirus that integrates threat intelligence, Falcon Insight for endpoint detection and response, and Falcon Device Control to manage connected devices. Unlike many competitors, CrowdStrike's services are subscription-based, allowing clients to choose different levels of protection based on their needs. The company serves a diverse clientele, including many Fortune 100 companies, and is recognized as a leader in the cybersecurity field, known for its effectiveness in threat detection and response.

Austin, TexasHeadquarters
2011Year Founded
$468MTotal Funding
IPOCompany Stage
Enterprise Software, CybersecurityIndustries
5,001-10,000Employees

Benefits

Competitive Employee Stock Purchase Plan
Remote-friendly culture
Market leader in compensation and equity awards
Competitive vacation and flexible working arrangements
Comprehensive health benefits + 401k plan
Paid Parental Leave, including adoption
Wellness programs
Professional development and mentorship opportunities
Open offices have stocked kitchens, coffee, soda and treats

Risks

Increased competition from companies like Lumos could challenge CrowdStrike's market share.
Recovery from last year's outage may still affect customer trust and future sales.
Pressure to demonstrate ROI by 2025 could challenge CrowdStrike's financial transparency.

Differentiation

CrowdStrike's Falcon platform offers cloud-native endpoint security solutions, a key differentiator.
The company serves 44 of the Fortune 100, showcasing its strong market presence.
CrowdStrike's proactive threat hunting sets it apart in cybersecurity threat detection.

Upsides

Partnership with SonicWall opens new SMB market segment for CrowdStrike.
Recognition as a leader in ransomware prevention boosts CrowdStrike's market credibility.
Gamified learning initiatives help address cybersecurity skills gap, benefiting future talent pipeline.

Land your dream remote job 3x faster with AI