Principal Consultant, Cloud Incident Response (Remote)

CrowdStrike - Cloud Incident Response Senior/Principal Consultant

Employment Type: Full time

Position Overview

CrowdStrike is a global leader in cybersecurity, protecting people, processes, and technologies that drive modern organizations. Our mission is to stop breaches, and we have redefined modern security with the world's most advanced AI-native platform. We are a mission-driven company that cultivates a culture of flexibility, autonomy, and innovation. We are seeking highly motivated, self-driven technical consultants dedicated to making a difference in global security by protecting organizations against advanced attackers.

The CrowdStrike Services team offers opportunities to expand your skill set through a wide variety of engagements, including front-page incident response investigations for Fortune 100 organizations. As a Senior/Principal Consultant in CrowdStrike’s Cloud Incident Response Team, you will be responsible for assisting clients in identifying, responding to, and containing attacker activity in their Azure and M365 environments. You will also contribute to and spearhead automation projects to improve the team’s incident response capabilities.

Am I A Cloud IR Sr/Principal Consultant Candidate?

• Are you interested in and keeping up with the latest Azure and M365 vulnerabilities and breaches?
• Are you self-motivated and looking for an opportunity to rapidly accelerate your skills?
• Do you crave new and innovative work that actually matters to customers?
• Do you have an Incident Response or Information Security background that you’re not fully utilizing?
• Are you capable of operating as an individual contributor?
• Are you an effective internal and customer-facing team leader?
• Do you love working around like-minded, smart people who you can learn from and mentor on a daily basis?

Responsibilities

• Manage projects and perform forensic analysis on incident response engagements involving Azure and M365.
• Manage projects and perform analysis on technical assessments looking for compromise or security misconfigurations in Azure and M365.
• Manage projects and deliver adversary simulation (purple team) exercises in Azure and M365.
• Produce high-quality written and verbal reports, presentations, recommendations, and findings to key stakeholders, including customer management and legal counsel.
• Demonstrate industry thought leadership through blog posts, CrowdCasts, and other public speaking events.

Requirements

Successful candidates will have experience in one or more of the following areas:

• Cloud Incident Response: Knowledge in M365, Azure incident response methodologies.
• Cloud Operations: Familiarity with how modern workloads work in the cloud (DevOps, CI/CD pipelines, containers, functions, etc.) and related security defenses and pitfalls.
• Incident Response: Experience supporting or managing incident response investigations for organizations, investigating targeted threats such as Advanced Persistent Threats (APTs), Organized Crime, and Hacktivists.
• In-depth knowledge of Cloud Service Providers Forensic Analysis: A background using a variety of forensic analysis tools in incident response investigations to determine the extent and scope of compromise.
• Incident Remediation: Strong understanding of targeted attacks and the ability to create customized tactical and strategic remediation plans for compromised organizations related to major cloud platforms.
• Communications: Strong ability to communicate executive and/or technical information effectively.

Company Information

CrowdStrike protects the people, processes and technologies that drive modern organizations. Since 2011, our mission hasn’t changed — we’re here to stop breaches, and we’ve redefined modern security with the world’s most advanced AI-native platform. Our customers span all industries, and they count on CrowdStrike to keep their businesses running, their communities safe and their lives moving forward. We’re also a mission-driven company. We cultivate a culture that gives every CrowdStriker both the flexibility and autonomy to own their careers. We’re always looking to add talented CrowdStrikers to the team who have limitless passion, a relentless focus on innovation and a fanatical commitment to our customers, our community and each other. Ready to join a mission that matters? The future of cybersecurity starts with you.