Offensive Security Lab Engineer (Remote)

CrowdStrike

Multiple locations
Posted on Sep 25, 2024

#WeAreCrowdStrike and our mission is to stop breaches. As a global leader in cybersecurity, our team changed the game. Since our inception, our market-leading cloud-native platform has offered unparalleled protection against the most sophisticated cyberattacks. We’re looking for people with limitless passion, a relentless focus on innovation and a fanatical commitment to the customer to join us in shaping the future of cybersecurity. Consistently recognized as a top workplace, CrowdStrike is committed to cultivating an inclusive, remote-first culture that offers people the autonomy and flexibility to balance the needs of work and life while taking their career to the next level. Interested in working for a company that sets the standard and leads with integrity? Join us on a mission that matters - one team, one fight.

About the Role:

Do you find the latest cyber attack tradecraft fascinating? Do you catch yourself imagining how a CVE could be leveraged to compromise an environment? Do you regularly scrape the Internet and beyond for the latest in OSINT? Would you love to have a lab playground where you could experiment with the latest techniques, tactics, and tradecraft to figure out how you can reproduce it and then automate it? Then we may have the perfect position for you.

CrowdStrike is seeking an engineer with extensive hands-on skills in code analysis, penetration testing, and security research or equivalent. We believe in the importance of showing our customers how our Platform stops breaches during the sales cycle and the global Technical Sales team relies heavily on our lab environments to do this. The CrowdStrike Falcon® Platform sits at the leading edge of the industry in stopping the latest and most novel tactics, techniques, and attacks in the wild and we want to make it easy for our Technical Sales team to show the world how we do this. Enter you.

As an Offensive Security Lab Engineer for CrowdStrike’s Technical Sales labs you will work daily with our Technical Sales Lab Architect, intelligence analysts, OverWatch threat hunting team, and our detections engineering to craft current, relevant attack scenarios, automate them, and implement them into cloud-based labs that are used by over 1000 CrowdStrikers worldwide and tens of thousands of CrowdStrike partners and prospects. These labs are critical to the day-to-day operations of the Sales and Technical Sales organization. We believe in working fast and doing things that are innovative and novel in the industry. Here at CrowdStrike we have a culture that constantly strives to produce the best in the industry. We innovate and iterate quickly. Our labs team is no exception. We are building a lab platform that will be the best in the industry. To do this we need the best engineers in the industry who are willing to throw the box away and imagine how we can build a platform that will support our technical teams and CrowdStrike sales into the next decade. If building new things excites you, if you enjoy working collaboratively with top engineers and researchers in the industry, and if you are passionate about cybersecurity, then we want to talk to you.

This is an individual contributor role that reports directly to the global Director of Technical Sales Strategy and Operations.

What You'll Do:

  • Leverage internal and external resources to research threats, vulnerabilities, and intelligence on various threat actors and their tactics, techniques, and procedures (TTPs)

  • Deconstruct and replicate the actual tactics, techniques, and procedures (TTPs) of the most advanced threat actors in the wild for use in labs and demos

  • Automate and document attack scenarios that lead to full exploitation, leveraging multiple vectors, such as cloud, identity, data exfiltration, and CVEs/vulnerabilities on Windows, MacOS, or Linux

  • Document how to reproduce attacks leveraging tools and techniques available within the Tech Sales lab and demo environments

  • Act as the Intelligence and tradecraft SME to the Technical Sales enablement team

  • Test the security controls of labs under development

  • Collaborate with CrowdStrike’s intelligence, InfoSec, managed threat hunting, and managed detection teams and their respective product managers as an SME to the global Technical Sales enablement team for these offerings in the CrowdStrike Falcon® Platform

What You’ll Need:

  • You have 5+ years previous hands-on experience in penetration testing, red/purple teaming, and exploit code development or analysis.

  • You have at least one Offensive Security certification (OSCP, OSEP, OSWP, OSMR, OSED, OSEE) or equivalent, verifiable experience.

  • You're proficient at systems administration tasks in Windows (desktop and server), Linux, and MacOS.

  • You work well in cross-functional teams and excel in bringing people together to accomplish an objective.

  • You enjoy working independently with relentless dedication to communication and team success.

  • Comfortable presenting your work to global audiences including business leaders as part of regular updates on the capabilities of the labs.

  • You thrive in an Agile and fast-paced environment with a focus on fast iteration and quick revisions.

  • Have impeccable code hygiene and write coherent and concise documentation.

  • You have a strong understanding of how endpoint security products work, such as CrowdStrike Falcon, and have demonstrated experience evading detection

Bonus Points:

  • Publications, security research, bug bounties or CVEs are highly regarded

  • You’re proficient in using automation/IaC tools such as Terraform, CloudFormation, Ansible, and scripting in Bash and Python to create and configure cloud infrastructure.

  • You have programming/scripting skills in Go/GoLang, Python, JavaScript, C++, React, Angular, Vue, etc.

  • Knowledge of cloud architecture and security

  • You have experience with capture the flag (CTFs) and hackathons

Benefits of Working at CrowdStrike:

  • Remote-first culture

  • Market leader in compensation and equity awards with option to participate in ESPP in eligible countries

  • Competitive vacation and flexible working arrangements

  • Physical and mental wellness programs

  • Paid parental leave, including adoption

  • A variety of professional development and mentorship opportunities

  • Access to CrowdStrike University, LinkedIn Learning and Jhana

  • Offices with stocked kitchens when you need to fuel innovation and collaboration

  • Birthday time-off in your local country

  • Work with people who are passionate in our mission and Great Place to Work certified across the globe

CrowdStrike is proud to be an equal opportunity and affirmative action employer. We are committed to fostering a culture of belonging where everyone is valued for who they are and empowered to succeed. Our approach to cultivating a diverse, equitable, and inclusive culture is rooted in listening, learning and collective action. By embracing the diversity of our people, we achieve our best work and fuel innovation - generating the best possible outcomes for our customers and the communities they serve.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. If you need assistance accessing or reviewing the information on this website or need help submitting an application for employment or requesting an accommodation, please contact us at [email protected] for further assistance.