2025-04-20
CrowdStrike, Inc.
Other
/yr
employee
contract
Sunnyvale
California
94086
United States
CrowdStrike, Inc.
Full time
R22570
Malware Research Center:
The CrowdStrike Malware Research Center (MRC) is at the core of Falcon’s malware detection and response capabilities. The team focuses on understanding the threat landscape and sets the target for what Falcon should be detecting and preventing. Additionally, the MRC is responsible for understanding our capabilities and mapping how well our machine learning and behavioral protection capabilities are doing against those threats. Where there is a gap, the MRC takes action to improve our detection stance and overall protection story. There are many parts of CrowdStrike working towards protecting customer environments and the MRC works across all of them to ensure we are on target and providing the best protection for the current threat landscape.
About the Role:
The Sr. Cloud Red Team Engineer will work on a team dedicated to performing adversarial activities, with this role specifically focusing on Cloud environments. As part of the team, you will emulate known threat actors' TTPs in cloud and hybrid environments, evaluate advanced cloud specific techniques and improve CrowdStrike's Falcon platform security capabilities.
What You’ll Do:
Design and execute adversarial emulations across cloud and hybrid environments, with emphasis on AWS.
Replicate and implement malware and evasion techniques.
Perform security assessments of cloud architectures and services.
Create and maintain attack frameworks and automation tools.
Document and report findings to both technical and management audiences.
Work with a wide team and assist in developing and improving Falcon’s effectiveness.
Deep expertise in AWS services, architecture, and security controls
5+ years of experience in Cloud Security and Red Team operations
Strong understanding of cloud attack vectors (IAM exploitation, serverless attacks, container escape, etc.)
Experience with EDR bypass and tampering.
Advanced knowledge of operating system internals (Windows, Linux, macOS)
Experience in one or more high level programming languages (C/C++, Rust, .Net, Go, etc) and low-level programming languages.
Experience with reverse engineering toolsets (IDA, Ghidra, windbg, gdb, etc.)
Experience with the MITRE ATT&CK Framework.
Security community participation (conference speaker, tool development contributor, blog posts) is valued.
Desirable Certifications: AWS Certified Security - Specialty certification, Additional AWS certifications (Solutions Architect, DevOps Engineer), OSCP, OSWE, OSEP
CrowdStrike is proud to be an equal opportunity employer. We are committed to fostering a culture of belonging where everyone is valued for who they are and empowered to succeed. We support veterans and individuals with disabilities through our affirmative action program.
CrowdStrike is committed to providing equal employment opportunity for all employees and applicants for employment. The Company does not discriminate in employment opportunities or practices on the basis of race, color, creed, ethnicity, religion, sex (including pregnancy or pregnancy-related medical conditions), sexual orientation, gender identity, marital or family status, veteran status, age, national origin, ancestry, physical disability (including HIV and AIDS), mental disability, medical condition, genetic information, membership or activity in a local human rights commission, status with regard to public assistance, or any other characteristic protected by law. We base all employment decisions--including recruitment, selection, training, compensation, benefits, discipline, promotions, transfers, lay-offs, return from lay-off, terminations and social/recreational programs--on valid job requirements.
If you need assistance accessing or reviewing the information on this website or need help submitting an application for employment or requesting an accommodation, please contact us at recruiting@crowdstrike.com for further assistance.
Find out more about your rights as an applicant.
CrowdStrike participates in the E-Verify program.
Notice of E-Verify Participation
PI268335886
