Experienced Intrusion Analyst - GovCloud, 3rd Shift (Remote) - Threat Hunting and Cybersecurity Expert

Introduction to CrowdStrike

CrowdStrike is a global leader in cybersecurity, dedicated to protecting our customers from the most sophisticated cyberattacks. Our market-leading cloud-native platform has revolutionized the industry, offering unparalleled protection and setting a new standard for cybersecurity. We're committed to cultivating an inclusive, remote-first culture that provides our team members with the autonomy and flexibility to balance work and life while taking their careers to the next level. At CrowdStrike, we're passionate about innovation, customer satisfaction, and making a meaningful impact in the world of cybersecurity.

About the Role

The CrowdStrike OverWatch GovCloud team is seeking a highly motivated and experienced Intrusion Analyst to join our Threat Hunting team. As an Intrusion Analyst, you will play a critical role in analyzing threat actor activity, identifying intrusions, creating detections, and tracking campaigns. You will be part of a cutting-edge team that regularly faces off against sophisticated threat actors, and you will have the opportunity to gain real-world experience in dealing with advanced threats. If you're proficient in host-based or network intrusion analysis, digital forensics, or cyber threat intelligence, we encourage you to apply for this exciting role.

Key Responsibilities

• Protect our customers' networks by identifying and understanding intrusions using Falcon Endpoint data and the broader CrowdStrike product suite.
• Analyze adversary activity and communicate findings to customers as part of our fast-paced, time-sensitive mission to help stop breaches.
• Undertake research to improve our detection capabilities and understand our adversaries.
• Participate in active and passive threat hunting to identify and disrupt threat actors.
• Gain hands-on experience in dealing with threat actors and contribute to the development of our threat hunting capabilities.

Requirements and Qualifications

To be successful in this role, you will need to demonstrate the following skills and qualifications:

Required Qualifications

• Experience in conventional network or host-based intrusion analysis, digital forensics, or handling malware.
• A strong grasp of how Windows, macOS, and Linux operating systems function.
• Comfortable assessing cyber threat intelligence, open-source intelligence, or industry reporting.
• Knowledge of programming and scripting languages, such as Python or Go.
• Understanding of administrative tools and how adversaries may leverage them to live-off-the-land.
• Ability to communicate actionable threat intelligence to both technical and executive-level stakeholders.
• Familiarity with adversary techniques and attack lifecycles, such as those found in the MITRE ATT&CK matrix.
• Willingness and ability to periodically undergo and pass additional background and fingerprint checks consistent with government customer requirements.

Preferred Qualifications

• Hands-on experience hunting for and/or responding to incidents associated with eCrime and/or Nation-state adversaries.
• Experience with tracking threat actors and proactive threat hunting.
• Deeper knowledge of operating systems other than Windows, such as Linux or macOS.
• Published research papers at conferences or through other mediums, such as blogs or articles.
• Understanding of current and emerging threats and the ability to demonstrate practical knowledge of security research.
• Experience with logging platforms, such as Splunk or Kibana, and creating queries to identify suspicious activity.
• Ability to convey complex or difficult technical concepts to audiences with varying levels of technical ability.
• Bachelor's degree in a relevant field or comparable work experience.

Skills and Competencies

To succeed in this role, you will need to possess the following skills and competencies:

• Strong analytical and problem-solving skills, with the ability to analyze complex data and identify patterns and trends.
• Excellent communication and collaboration skills, with the ability to work effectively with cross-functional teams and communicate complex technical concepts to non-technical stakeholders.
• Strong attention to detail and ability to maintain accuracy and quality in a fast-paced environment.
• Ability to work independently and as part of a team, with a strong sense of initiative and self-motivation.
• Strong knowledge of cybersecurity principles, threats, and technologies, with the ability to stay up-to-date with emerging trends and threats.

Career Growth and Learning Opportunities