2025-05-27
CrowdStrike, Inc.
Other
/yr
employee
contract
Sunnyvale
California
94086
United States
CrowdStrike, Inc.
Full time
R23282
About this Role:
As a Lead Threat Hunter you will be a key member of our Security Operations team, driving the detection, investigation, and response to advanced cyber threats. In this role, you will design and refine detection patterns across various technologies, participate in active threat hunting, and guide the organization's security posture with your insights and expertise. Your ability to operate across a wide array of data sources, maintain rigorous confidentiality, and provide hands-on incident response will be critical to safeguarding CrowdStrike's assets and reputation.
What You’ll Do:
Leadership & Program Management:
Lead and define organizational threat hunting strategy
Guide and mentor junior threat hunters
Provide technical leadership and expertise to the Incident Response team
Design and implement structured hunting frameworks
Prioritize hunting operations based on threat intelligence and risk
Measure and report on program effectiveness
Champion agile project management fundamentals for hunting initiatives
Develop detection patterns across different technologies and log sources
Triage detections to identify and remediate threats, including containment and live response
Execute structured threat hunting missions using hypothesis-driven approaches
Create and implement custom hunting queries and detection logic
Leverage structured analytic techniques and MITRE ATT&CK framework to track adversarial behavior
Participate in incident response activities, providing technical expertise
Offer on-demand after-hours support for critical security incidents
Collaborate with cross-functional teams on threat mitigation
Transform hunt findings into actionable incident response procedures
Develop threat hunting use cases based on incident response findings
Identify coverage gaps and optimize security data and tooling
Prepare and present hunting metrics to technical and executive stakeholders
Utilize OSINT and closed intelligence sources for threat analysis
Maintain comprehensive hunt documentation and knowledge base
Develop and maintain hunting dashboards for program visibility
Engineer and tune security detections for SOAR, SIEM, and TIP
Develop and maintain custom hunting tools and scripts
Integrate hunting capabilities into existing security stack
Automate routine hunting tasks and data collection
Partner with key stakeholders (Networking, Infrastructure, DevOps)
Coordinate threat management approaches across security teams
Present findings and recommendations to various audience levels
Drive continuous improvement through knowledge sharing and innovation
Bachelor's degree (or equivalent experience) in a computer-related field
8+ years of progressive experience in Information Security, Threat Hunting, or related roles
US Citizenship required due to direct work on GovCloud
Proven understanding of the MITRE ATT&CK framework, Diamond Model, and Cyber Kill
Chain
Experience analyzing raw data from security controls (web proxy, firewalls, IPS, IDS, antivirus)
Proficiency with SIEM, SOAR, TIP integrations, and link analysis tools
Strong IT background (networking fundamentals, systems) and expertise with OSX, Linux, and Windows
Significant experience with system/application log analysis and security data correlation
Effective communication skills in English (verbal and written)
Excellent investigative, analytical, and problem-solving abilities
Ability to maintain strict confidentiality and operate independently in high-pressure situations
Scripting knowledge (e.g., Python, Perl, Bash, PowerShell)
Familiarity with Splunk or other advanced SIEM platforms
Experience with host and network forensics
Background in malware analysis
Familiarity with agile project management and compliance frameworks
Technical security certifications or advanced academic credentials
#LI-RC1
#LI-KM1
#LI-Remote
CrowdStrike is proud to be an equal opportunity employer. We are committed to fostering a culture of belonging where everyone is valued for who they are and empowered to succeed. We support veterans and individuals with disabilities through our affirmative action program.
CrowdStrike is committed to providing equal employment opportunity for all employees and applicants for employment. The Company does not discriminate in employment opportunities or practices on the basis of race, color, creed, ethnicity, religion, sex (including pregnancy or pregnancy-related medical conditions), sexual orientation, gender identity, marital or family status, veteran status, age, national origin, ancestry, physical disability (including HIV and AIDS), mental disability, medical condition, genetic information, membership or activity in a local human rights commission, status with regard to public assistance, or any other characteristic protected by law. We base all employment decisions--including recruitment, selection, training, compensation, benefits, discipline, promotions, transfers, lay-offs, return from lay-off, terminations and social/recreational programs--on valid job requirements.
If you need assistance accessing or reviewing the information on this website or need help submitting an application for employment or requesting an accommodation, please contact us at recruiting@crowdstrike.com for further assistance.
Find out more about your rights as an applicant.
CrowdStrike participates in the E-Verify program.
Notice of E-Verify Participation
PI271912201
