Threat Hunter (Remote, West Coast)

About CrowdStrike

As a global leader in cybersecurity, CrowdStrike protects the people, processes and technologies that drive modern organizations. Since 2011, our mission hasn’t changed — we’re here to stop breaches, and we’ve redefined modern security with the world’s most advanced AI-native platform. Our customers span all industries, and they count on CrowdStrike to keep their businesses running, their communities safe and their lives moving forward. We’re also a mission-driven company. We cultivate a culture that gives every CrowdStriker both the flexibility and autonomy to own their careers. We’re always looking to add talented CrowdStrikers to the team who have limitless passion, a relentless focus on innovation and a fanatical commitment to our customers, our community and each other. Ready to join a mission that matters? The future of cybersecurity starts with you.

Employment Type: Full time

About the Role

The CrowdStrike OverWatch team is seeking a motivated, entry-level cybersecurity professional with outstanding technical skills to analyze eCrime threat actor activity, identify intrusions, and develop cutting-edge tools to improve our detection capabilities. As part of our remote close-knit team, you will bring with you your experience in cybersecurity or threat intelligence to help evolve how we do threat hunting at CrowdStrike.

After a period of learning our custom-built tool suite, workflows, and methodologies you will join other OverWatch analysts protecting our customer's networks by identifying and understanding intrusions using Falcon Endpoint data and the broader CrowdStrike product suite. When the pressure is off you will be involved in building tools, and working with other CrowdStrike teams across a broad range of topics and projects.

As you grow in your role there will be plenty of opportunities for you to expand and shape the sort of detection and threat hunting you do within OverWatch, as well as career and professional development opportunities for the enthusiastic.

What You’ll Do

As a junior threat hunter within the OverWatch team, you will have the unique opportunity to be part of a world-class team in which you will learn fundamental concepts and notions key to our threat hunting operations. You will be mentored by seasoned and experienced hunters who will help you grow into the role and learn about common adversary tactics, techniques and procedures. This knowledge will aid you in the fight against threat actors, by pivoting through huge datasets collected by CrowdStrike’s Falcon sensor, identifying malicious activity, notifying our customers and improving our tools and processes.

• Analyze adversary activity and communicate findings to customers as part of our fast-paced time sensitive mission to help stop breaches.
• Undertake research to improve our detection capabilities and increase our understanding of our adversaries.
• Leverage network/host-based intrusion analysis, digital forensics, and cyber threat intelligence to uncover and analyze intrusions.
• Gain fast-paced experience in dealing with state-sponsored threat actors.
• Take on responsibilities for hunting specific nation-state adversaries in our immense data set.

What You'll Need

Required:

• Demonstrated experience in either network/host-based intrusion analysis, digital forensics or cyber threat intelligence.
• Experience conducting threat hunting and/or intrusion analysis using endpoint telemetry.
• An understanding of nation-state adversary motivations and TTPs.
• Ability to convey complex or technical concepts to various stakeholders.
• Possess basic understanding of at least one major operating system type (Windows, MacOS, Linux).
• Understanding of current and emerging threats and ability to demonstrate practical knowledge of security research.
• Keep up-to-date across the cybersecurity landscape.
• Possess the ability to think analytically and assess activity quickly and accurately.
• You are capable and comfortable communicating technical concepts to your peers both verbally and