CrowdStrike - Cloud Incident Response Senior/Principal Consultant

Employment Type: Full-time

Position Overview

CrowdStrike is a global leader in cybersecurity, dedicated to protecting people, processes, and technologies that drive modern organizations. Since 2011, our mission has been to stop breaches, and we have redefined modern security with the world's most advanced AI-native platform. We serve customers across all industries, who rely on CrowdStrike to keep their businesses running, their communities safe, and their lives moving forward. We are a mission-driven company that cultivates a culture of flexibility and autonomy, empowering every CrowdStriker to own their careers. We are seeking talented individuals with limitless passion, a relentless focus on innovation, and a fanatical commitment to our customers, community, and each other. The future of cybersecurity starts with you.

About the Role

CrowdStrike is looking for highly motivated, self-driven, technical consultants dedicated to making a difference in global security by protecting organizations against the most advanced attackers in the world. Our CrowdStrike Services team offers opportunities to expand your skill set through a wide variety of engagements, including front-page incident response investigations for Fortune 100 organizations.

As a Sr/Principal Consultant in CrowdStrike’s Cloud Incident Response Team, you will be responsible for assisting clients in identifying, responding to, and containing attacker activity in their Azure and M365 environments. You will also contribute to and spearhead automation projects to improve the team’s incident response capabilities.

Am I a Cloud IR Sr/Principal Consultant Candidate?

• Are you interested in and keeping up with the latest Azure and M365 vulnerabilities and breaches?
• Are you self-motivated and looking for an opportunity to rapidly accelerate your skills?
• Do you crave new and innovative work that actually matters to customers?
• Do you have an Incident Response or Information Security background that you’re not fully utilizing?
• Are you capable of operating as an individual contributor?
• Are you an effective internal and customer-facing team leader?
• Do you enjoy working with like-minded, smart people whom you can learn from and mentor daily?

What You’ll Do

• Manage projects and perform forensic analysis on incident response engagements involving Azure and M365.
• Manage projects and perform analysis on technical assessments looking for compromise or security misconfigurations in Azure and M365.
• Manage projects and deliver adversary simulation (purple team) exercises in Azure and M365.
• Produce high-quality written and verbal reports, presentations, recommendations, and findings to key stakeholders, including customer management and legal counsel.
• Demonstrate industry thought leadership through blog posts, CrowdCasts, and other public speaking events.

What You’ll Need

Successful candidates will have experience in one or more of the following areas:

• Cloud Incident Response: Knowledge in M365 and Azure incident response methodologies.
• Cloud Operations: Familiarity with how modern workloads operate in the cloud (DevOps, CI/CD pipelines, containers, functions, etc.) and related security defenses and pitfalls.
• Incident Response: Experience supporting or managing incident response investigations for organizations, investigating targeted threats such as Advanced Persistent Threats (APTs), Organized Crime, and Hacktivists.
• In-depth Knowledge of Cloud Service Providers Forensic Analysis: A background using a variety of forensic analysis tools in incident response investigations to determine the extent and scope of compromise.
• Incident Remediation: Strong understanding of targeted attacks and the ability to create customized tactical and strategic remediation plans for compromised organizations related to major cloud platforms.
• Communications: Strong ability to communicate executive and/or detailed level findings to stakeholders.