Crowdstrike

Sr. Intelligence Analyst - Cloud Mission (Remote)

United States

Not SpecifiedCompensation
Senior (5 to 8 years), Expert & Leadership (9+ years)Experience Level
Full TimeJob Type
UnknownVisa
Cybersecurity, Information TechnologyIndustries

About CrowdStrike

Employment Type: Full time

As a global leader in cybersecurity, CrowdStrike protects the people, processes and technologies that drive modern organizations. Since 2011, our mission hasn’t changed — we’re here to stop breaches, and we’ve redefined modern security with the world’s most advanced AI-native platform. Our customers span all industries, and they count on CrowdStrike to keep their businesses running, their communities safe and their lives moving forward. We’re also a mission-driven company. We cultivate a culture that gives every CrowdStriker both the flexibility and autonomy to own their careers. We’re always looking to add talented CrowdStrikers to the team who have limitless passion, a relentless focus on innovation and a fanatical commitment to our customers, our community and each other. Ready to join a mission that matters? The future of cybersecurity starts with you.

About the Role

CrowdStrike Intelligence, a core component of CrowdStrike, is seeking a motivated Intelligence Analyst with excellent analysis skills for the Global Threat Analysis Cell (GTAC) to identify, research and track trends associated with the cloud threat landscape. This role will be focused on tracking and documenting cloud-related techniques that are observed in the wild and their use by targeted intrusion and eCrime adversaries. It will involve close coordination with other subject matter experts within the Intelligence team and extensive collaboration to integrate data from other data sources. This position serves an important role in increasing our understanding of trends in the global cloud threat landscape, contributing to the continuous tracking of criminal and state-sponsored adversary groups, and ultimately developing finished intelligence products.

The ideal candidate for this position is a specialist in AWS/Azure/GCP log analysis with the ability to track the adversary landscape based on intrusion behavior. We are also open to applications by experienced and talented analysts without significant knowledge in this field that are willing to rapidly expand their skills to meet the following requirements:

What You'll Do

  • Identify threats, trends, and new developments in the cloud threat landscape by analyzing raw intelligence and data. This will involve querying Logscale and analyzing raw cloud logs including CloudTrail and Azure related logs
  • Research new techniques for clustering and tracking cloud-conscious threat actors
  • Identify and monitor the Tactics, Techniques, and Procedures (TTPs) employed by cyber threat actors that compromise cloud environments
  • Apply understood analytic tradecraft to gathered intelligence in a consistent manner
  • Provide and assist with finished intelligence analysis to internal and external customers through written reporting of varied depth on short deadlines, with minimal supervision
  • Collaborate across teams to inform various functions within CrowdStrike Intelligence about activity of interest and to coordinate adversary/campaign tracking
  • Identify intelligence gaps and submit requests for information to fill gaps
  • Conduct briefings as needed for a variety of levels of customers as requested (via either phone, video conference, webcast, in-person briefing, or industry conference)

What You'll Need

  • Minimum of 2-3 years’ experience in a threat intelligence environment or cloud-focused incident response
  • Motivated self-starter with experience in the cyber threat intelligence field, preferably with experience in researching and reporting on cloud incidents in AWS, Azure, or GCP as well as adversary behavior
  • Experience analyzing API logs (e.g. CloudTrail) from at least one of the three major cloud service providers: AWS, Azure, or GCP
  • Basic understanding of identity and access management (IAM) concepts in the cloud
  • Understanding of identity initial access and BEC techniques including AitM and password spraying
  • Ability to identify and track adversary tradecraft trends
  • Ability to produce quality finished intelligence products

Skills

AWS log analysis
Azure log analysis
GCP log analysis
Threat intelligence
Cybersecurity
Cloud security
Adversary tracking
Intrusion analysis
eCrime analysis
Data analysis
Intelligence product development

Crowdstrike

Cloud-native endpoint security solutions provider

About Crowdstrike

CrowdStrike specializes in cybersecurity, focusing on protecting businesses from cyber threats through cloud-native endpoint security solutions. Their main product, the Falcon platform, includes services like Falcon Pro, which replaces traditional antivirus with next-generation antivirus that integrates threat intelligence, Falcon Insight for endpoint detection and response, and Falcon Device Control to manage connected devices. Unlike many competitors, CrowdStrike's services are subscription-based, allowing clients to choose different levels of protection based on their needs. The company serves a diverse clientele, including many Fortune 100 companies, and is recognized as a leader in the cybersecurity field, known for its effectiveness in threat detection and response.

Austin, TexasHeadquarters
2011Year Founded
$468MTotal Funding
IPOCompany Stage
Enterprise Software, CybersecurityIndustries
5,001-10,000Employees

Benefits

Competitive Employee Stock Purchase Plan
Remote-friendly culture
Market leader in compensation and equity awards
Competitive vacation and flexible working arrangements
Comprehensive health benefits + 401k plan
Paid Parental Leave, including adoption
Wellness programs
Professional development and mentorship opportunities
Open offices have stocked kitchens, coffee, soda and treats

Risks

Increased competition from companies like Lumos could challenge CrowdStrike's market share.
Recovery from last year's outage may still affect customer trust and future sales.
Pressure to demonstrate ROI by 2025 could challenge CrowdStrike's financial transparency.

Differentiation

CrowdStrike's Falcon platform offers cloud-native endpoint security solutions, a key differentiator.
The company serves 44 of the Fortune 100, showcasing its strong market presence.
CrowdStrike's proactive threat hunting sets it apart in cybersecurity threat detection.

Upsides

Partnership with SonicWall opens new SMB market segment for CrowdStrike.
Recognition as a leader in ransomware prevention boosts CrowdStrike's market credibility.
Gamified learning initiatives help address cybersecurity skills gap, benefiting future talent pipeline.

Land your dream remote job 3x faster with AI