About the Role:

CrowdStrike is looking for highly motivated, self-driven, technical people dedicated to making a difference in global security by protecting organizations against the most advanced attackers in the world. Our CrowdStrike virtual security operations center offers opportunities to expand your skill set through a wide variety of experiences, detecting and responding to cyber threats as they appear in real-time for our customers.

• Do you find yourself interested in putting your hands-on technical skills to the test in detecting, containing, and remediating cyber threats?
• Are you self-motivated and looking for an opportunity to rapidly accelerate your skills?
• Do you crave new and innovative work that actually matters to your customer?
• Are you capable of leading teams and interacting well with customers?
• Do you love working around like-minded, smart people who you can learn from and mentor on a daily basis?

What You'll Do:

• Conduct monitoring and perform in-depth analysis of security alerts.
• Exercise cyber incident handling processes across Windows, Mac, and Linux platforms.
• Perform remote remediation of malware or malicious activity.
• Perform high level malware analysis.
• Develop and improve processes for cyber incident detection, triage, and the execution of countermeasures.
• Produce high-quality written and verbal communications, recommendations, and findings to numerous stakeholders including senior leadership within Crowdstrike and customers.
• Demonstrate industry thought leadership through blog posts, CrowdCasts, and other public speaking events.
• Contribute to internal capability uplift programs or team development.
• Serve as the technical escalation point and mentor for lower grade analysts.
• Provide oversight and quality assurance for issues worked by lower grade analysts.
• Assist in the advancement of security processes and procedures.

What You'll Need:

• Education: Bachelors or Masters degree in Computer Science, Computer Engineering, Maths, Information Security, Cybersecurity, or related areas of study; or equivalent work experience.
• Cyber threat Incident Handling: experience conducting or managing cyber threat related incident response for organizations, investigating targeted threats such as Advanced Persistent Threat, Organized Crime, and Hacktivists.
• Computer Forensic Analysis: a background using a variety of forensic analysis tools in incident response investigations to determine the extent and scope of compromise.
• Systems Administration: an understanding of system internals is required to understand how to implement and execute countermeasures and remediation.
• Network Forensic Analysis: knowledge of network protocols, network analysis tools, and ability to perform analysis of associated network logs.
• Malware Analysis: ability to perform static and dynamic malware analysis to understand the nature of malware
• Incident Remediation: strong understanding of targeted attacks and able to create customized tactical and strategic remediation plans for compromised organizations.
• Network Operations and Architecture/Engineering: strong understanding of secure network architecture and strong background in performing network operations.
• Programming/Scripting: experience coding in Powershell, C, C#, VB, Python, Perl, Ruby on Rails and .NET.

Bonus points:

• At least one relevant security certification, such as CISSP
• Strong problem solving skills
• Strong experience with Mac OS, Windows, and Unix operating systems.
• Ability to handle high pressure situations in a productive and professional manner.
• Strong time management skills with the ability to multi-task
• Strong verbal and written communication skills with the ability to explain difficult technical concepts to audiences with varying levels of technical ability
• Japanese business level language skills or better are also highly encouraged to apply

Other Skillsets:

We are actively seeking candidates with strong technical expertise in security tools and platforms that integrate with our Next-gen SIEM Platform. If you have experience with enterprise security technologies, you are encouraged to apply for a role with Falcon Complete, even if you haven't previously worked as a security analyst. This is an excellent opportunity to transition your technical knowledge into the cyber security threat response field.

The specific security domains we are seeking includes:

• Email and messaging security platforms (such as Mimecast, Proofpoint, and Microsoft 365 Defender)
• Enterprise network security solutions (including Palo Alto Networks, Cisco Security suite, and Fortinet)
• Cloud security platforms across major providers (Microsoft Defender for Cloud, AWS Security Hub, and Google Cloud Security Command Center)
• Identity and access management solutions (such as Okta, Ping Identity, and Azure AD)
• The experience we are seeking includes:
• Log analysis and correlation
• Alert triage and investigation
• Rule creation, efficacy tuning and integration configurations
• Incident response workflows, security automation, and API integration would be beneficial.