About the Role:
CrowdStrike is looking for a highly motivated, self-driven, incident response consultant dedicated to making a difference in global security by protecting organizations against the most advanced attackers in the world. Our CrowdStrike Services team offers opportunities to expand your skill set through a wide variety of engagements including front page incident response investigations for organizations you'll find on the annual Fortune 100 list.
What You'll Do:
- Serve as technical lead on incident response engagements
- Develop and use new methods to hunt for bad actors across large sets of data.
- Work under the direction of outside counsel to conduct intrusion investigations
- Perform host and/or network-based forensics across Windows, Mac, and Linux platforms.
- Produce high-quality written and verbal reports, presentations, recommendations, and findings to key stakeholders including customer management, regulators, and legal counsel .
- Demonstrate industry thought leadership through blog posts, CrowdCasts, and other public speaking events.
What You'll Need:
Successful candidates will have experience in one or more of the following areas:
- Successful candidates will have experience in one or more of the following areas:
- Incident Response: experience conducting or managing incident response investigations for organizations, investigating targeted threats such as the Advanced Persistent Threat, Organized Crime, and Hacktivists.
- Computer Forensic Analysis: a background using a variety of forensic analysis tools in incident response investigations to determine the extent and scope of compromise.
- Network Forensic Analysis: strong knowledge of network protocols, network analysis tools like Bro/Zeek or Suricata, and ability to perform analysis of associated network logs.
- Reverse Engineering: ability to understand the capabilities of static and dynamic malware analysis.
- Incident Remediation: strong understanding of targeted attacks and able to create customized tactical and strategic remediation plans for compromised organizations.
- Network Operations and Architecture/Engineering: strong understanding of secure network architecture and strong background in performing network operations.
- Cloud Incident Response: knowledge in AWS, Azure, or GCP incident response methodologies.
- Communications: strong ability to communicate executive and/or detailed level findings to clients ability to effectively communicate tasks, guidance, and methodology with internal teams
- Capable of completing technical tasks without supervision.
- Desire to grow and expand both technical and soft skills.
- Strong project management skills.
- Contributing thought leader within the incident response industry.
- Ability to foster a positive work environment and attitude.
Bonus Points:
- GIAC Certified Incident Handler (GCIH)
- GIAC Certified Forensic Analyst (GCFA) or GCFE or GCFR
- Certified Information Systems Security Professional (CISSP)
- Certified Ethical Hacker (CEH)
- OSCP / OSCE (Offensive Security certifications for more offensive/technical IR work)
- Cloud incident response (AWS, Azure, GCP)
Education:
BA or BS / MA or MS degree in Computer Science, Computer Engineering, Math, Information Security, Information Assurance, Information Security Management, Intelligence Studies, Cybersecurity, Cybersecurity Policy, or a related field. Applicants without a degree but with relevant work experience and/or training will be considered.
