Staff Windows Systems & Automation Engineer (Remote) at Crowdstrike

United States

Apply Now
Crowdstrike Logo
Not SpecifiedCompensation
Senior (5 to 8 years), Expert & Leadership (9+ years)Experience Level
Full TimeJob Type
UnknownVisa
CybersecurityIndustries

Requirements

  • 8+ years designing, building, and operating enterprise Windows platforms (server + endpoint)
  • 8+ years owning AD, DNS/DHCP, NPS at large scale (10k+ endpoints or equivalent)
  • Proven track record as a Windows expert in designing, automating, and securing large-scale enterprise environments
  • Hands-on systems administration depth and top-tier troubleshooting across OS, apps, networking, and identity
  • SCCM/MECM expertise for endpoint computing (Windows 10/11)
  • Familiarity with hybrid data center with multi-cloud (AWS + GCP)
  • Familiarity with virtualization (VMware vSphere/Hyper-V), backup/restore workflows, and operational monitoring

Responsibilities

  • Architect, operate, and harden Active Directory (multi-forest, multi-site), DNS/DHCP, and NPS/RADIUS for Wi-Fi/VPN/802.1X (EAP-TLS)
  • Lead GPO strategy, OU design, admin tiering, delegation, and AD replication/site topology
  • Own endpoint lifecycle at scale: imaging/OSD, driver/firmware management, software packaging/distribution, update rings, device health/telemetry, and fleet compliance
  • Engineer endpoint security baselines: BitLocker, LAPS, WDAC/AppLocker, Defender/EDR integrations, credential hardening, and certificate deployment for EAP-TLS/mTLS
  • Lead SCCM/MECM architecture and operations: Task Sequences/OSD, app packaging, SUP/WSUS patching, compliance baselines, collections, reporting/CMPivot, and role-based access
  • Drive release rings, maintenance windows, and measurable patch compliance SLOs across large fleets
  • Triage and resolve complex endpoint/server issues: logon slowness, BSODs/hangs, app crashes, update/install failures, 802.1X/RADIUS auth problems, and TLS/certificate breakage
  • Use deep diagnostics: Sysinternals (ProcMon/ProcExp/Autoruns), Windows Performance Toolkit (WPR/WPA), WinDbg/WER, ETW/WEF, PerfMon, Wireshark, and netsh/packet capture to find root causes and prevent recurrences
  • Deliver automation (PowerShell, PowerShell DSC, Terraform, Packer) for provisioning, configuration, drift control, and compliance—with CI/CD (GitHub Actions/GitLab/Jenkins)
  • Build self-service patterns and APIs (golden images, desired-state baselines, just-in-time access)
  • Design and operate enterprise PKI: policy-driven issuance/renewal, inventory/attestation, CRL/OCSP, and revocation at scale
  • Integrate with ADCS, AWS ACM / ACM Private CA, GCP Certificate Authority Service, Venafi, HashiCorp Vault PKI, cert-manager/ACME; enable EAP-TLS, service mTLS, code-signing, and device certs
  • Standardize and harden Windows workloads in AWS (EC2/SSM/KMS/IAM/ACM/Directory Service/Route 53) and GCP (Managed Microsoft AD, GCE, Cloud DNS/KMS/CAS)
  • Build reproducible images and baseline configs for domain-joined and cloud-native instances
  • Hands-on Windows server ops (storage/SMB, DFS, file/print), performance tuning, and core network triage (DHCP/DNS/Kerberos)

Skills

Key technologies and capabilities for this role

WindowsActive DirectorySCCMDNSDHCPNPSRADIUSGPOBitLockerLAPSWDACAppLockerDefenderEDRAWSGCP

Questions & Answers

Common questions about this position

Is this position remote?

Yes, this is a remote position as indicated by the job title.

What is the salary range for this role?

This information is not specified in the job description.

What key skills and expertise are required for this role?

The role requires deep expertise in Windows systems including Active Directory (multi-forest, multi-site), SCCM/MECM for endpoint management, PowerShell automation (including DSC), and troubleshooting with tools like Sysinternals, WinDbg, and Wireshark. Experience architecting DNS/DHCP, NPS/RADIUS, endpoint security baselines (BitLocker, WDAC), and automation with Terraform/Packer in hybrid multi-cloud environments (AWS/GCP) is essential.

What is the company culture like at CrowdStrike?

CrowdStrike cultivates a culture that gives every employee flexibility and autonomy to own their careers, with a focus on limitless passion, relentless innovation, and commitment to customers, community, and each other.

What makes a strong candidate for this position?

A strong candidate is a Windows expert with hands-on experience designing, automating, and securing large-scale enterprise environments, proven track record in AD, SCCM, endpoint lifecycle management, security hardening, deep troubleshooting, and automation using PowerShell, Terraform, and CI/CD tools.

Crowdstrike

Cloud-native endpoint security solutions provider

Website

About Crowdstrike

CrowdStrike specializes in cybersecurity, focusing on protecting businesses from cyber threats through cloud-native endpoint security solutions. Their main product, the Falcon platform, includes services like Falcon Pro, which replaces traditional antivirus with next-generation antivirus that integrates threat intelligence, Falcon Insight for endpoint detection and response, and Falcon Device Control to manage connected devices. Unlike many competitors, CrowdStrike's services are subscription-based, allowing clients to choose different levels of protection based on their needs. The company serves a diverse clientele, including many Fortune 100 companies, and is recognized as a leader in the cybersecurity field, known for its effectiveness in threat detection and response.

Austin, TexasHeadquarters
2011Year Founded
$468MTotal Funding
IPOCompany Stage
Enterprise Software, CybersecurityIndustries
5,001-10,000Employees

Benefits

Competitive Employee Stock Purchase Plan
Remote-friendly culture
Market leader in compensation and equity awards
Competitive vacation and flexible working arrangements
Comprehensive health benefits + 401k plan
Paid Parental Leave, including adoption
Wellness programs
Professional development and mentorship opportunities
Open offices have stocked kitchens, coffee, soda and treats

Risks

Increased competition from companies like Lumos could challenge CrowdStrike's market share.
Recovery from last year's outage may still affect customer trust and future sales.
Pressure to demonstrate ROI by 2025 could challenge CrowdStrike's financial transparency.

Differentiation

CrowdStrike's Falcon platform offers cloud-native endpoint security solutions, a key differentiator.
The company serves 44 of the Fortune 100, showcasing its strong market presence.
CrowdStrike's proactive threat hunting sets it apart in cybersecurity threat detection.

Upsides

Partnership with SonicWall opens new SMB market segment for CrowdStrike.
Recognition as a leader in ransomware prevention boosts CrowdStrike's market credibility.
Gamified learning initiatives help address cybersecurity skills gap, benefiting future talent pipeline.

Related Jobs

Remote
Remote iconRemote

Windows Endpoint Engineer

Stairwell
$160,000 - $180,000/year
  • Employment type iconFull Time
  • Experience level iconSenior (5 to 8 years)
Wisconsin
Remote iconRemote

Active LTC Benefits Spec

Northwestern Mutual
Salary not specified
United States
Remote iconRemote

IT Engineer

Chainguard
Salary not specified
  • Employment type iconFull Time
  • Experience level iconSenior (5 to 8 years), Expert & Leadership (9+ years)
Nashville +1 more
Remote iconRemote

Senior IT Engineer

Built Technologies
Salary not specified
  • Employment type iconFull Time
  • Experience level iconSenior (5 to 8 years)
United States
Remote iconRemote

IT Systems Administrator

Serve Robotics
$105,000 - $118,000/year
  • Employment type iconFull Time
  • Experience level iconSenior (5 to 8 years), Expert & Leadership (9+ years)
United States
Remote iconRemote

Director, Business Systems

Boulevard
Salary not specified
  • Employment type iconFull Time
  • Experience level iconExpert & Leadership (9+ years)

Land your dream remote job 3x faster with AI

Try Jobo Free