Senior Security Researcher - Counter Adversary Operations

Employment Type: Full time

Position Overview

CrowdStrike is a global leader in cybersecurity, protecting the people, processes, and technologies that drive modern organizations. Our mission since 2011 has been to stop breaches, and we have redefined modern security with the world's most advanced AI-native platform. We serve customers across all industries, providing them with the security needed to keep their businesses running, communities safe, and lives moving forward. CrowdStrike fosters a mission-driven culture that offers flexibility and autonomy, empowering every CrowdStriker to own their careers. We are seeking talented individuals with boundless passion, a relentless focus on innovation, and a fanatical commitment to our customers, community, and each other. Join us in a mission that matters, where the future of cybersecurity starts with you.

About the Role

CrowdStrike is seeking a self-starting, action-oriented, and highly motivated Senior Security Researcher to join our Counter Adversary Operations Team. This role is crucial for tracking and collecting information on Russian-language eCrime actors, their tools, tradecraft, and techniques across diverse environments, including the deep and dark web. The insights generated are instrumental in producing high-quality intelligence products for CrowdStrike customers and stakeholders.

The ideal candidate is operationally security (OPSEC)-savvy, detail-oriented, and an adept problem solver with a proven track record of managing concurrent projects and executing tasks with minimal direction. Highly qualified candidates will possess subject matter expertise on Russian/Eastern-European eCrime cyber threat actors, significant experience in advanced engagement and research related to this activity, a solid understanding of threat intelligence, strong open-source intelligence (OSINT) research skills, and comfort with internal and cross-team collaboration.

Responsibilities

• Collect unique, relevant, actionable, and timely information to address established standing and ad hoc requirements concerning Russian/Eastern-European eCrime actors.
• Leverage advanced engagement skills and OSINT tradecraft to follow leads, identify Russian/Eastern-European eCrime threat actors, and track their activities across various online communities.
• Identify current and emerging cyber threats and trends related to Russian/Eastern-European eCrime, including technical details.
• Create consistently clear, highly contextualized internal reports of collected information to facilitate robust analysis.
• Collaborate with teams responsible for analytical reports and threat estimates pertaining to Russian/Eastern-European eCrime topics.
• Employ secure virtual operational tradecraft methods and practices.

Requirements

• Required:
  • Extensive experience navigating a wide variety of cyber threat actor environments, including social media, hidden services, and forums.
  • In-depth familiarity with a wide variety of Russian-language eCrime groups.
  • Practical knowledge of technical terminology, tools, and tactics employed by eCrime actors, particularly those used by Russian-language eCrime actors.
  • Ability to perform comprehensive direct engagement and OSINT investigations using Russian-language skills.
  • Ability to adapt quickly to changing environments and identify creative solutions to difficult problems and scenarios with persistence. Tenacity is key.
  • Ability to work effectively both as part of a team and independently and proactively.
  • Ability to work effectively under tight deadlines with minimal guidance.
  • Excellent attention to detail.
• Preferred:
  • Additional background in Russian/Eastern European geopolitical issues.
  • Language capabilities including, but not limited to, Russian and Ukrainian.
  • Prior intelligence community, human intelligence (HUMINT), or cyber threat intelligence background.