Remote (Global) Full-time

CrowdStrike is hiring a Red Team Technical Operations Engineer (Remote)

About the Role

CrowdStrike is hiring a Red Team Technical Operations Engineer to join its non-billable R&D team. In this remote role, you will support Professional Services Red Team activities by reducing operational uncertainty and improving the team's strategic and tactical capabilities against client defensive products.

What You'll Do

  • Build and maintain product testing systems that generate data for a decision support system.
  • Actively use systems to provide bespoke tactical intelligence to operators on engagements.
  • Respond to regular product updates to ensure capabilities are functional and resilient.
  • Perform development tasks that are both malware-oriented and platform-oriented.
  • Program for Windows, Linux, and macOS platforms (user- and kernel-mode).
  • Write code for event streaming, telemetry post-processing, and build engineering.
  • Provide development and infrastructure support to improve overall offensive capabilities.
  • Review analytics data from sensors to guide the development of offensive tradecraft.
  • Develop initial access and post-exploitation capabilities (some evasive, some noisy).
  • Contribute to capabilities to enhance operator decision making.
  • Proactively identify opportunities to improve workflows and processes.
  • Document completed development projects for operational use.
  • Share responsibilities on administration and infrastructure.

What We're Looking For

  • Reverse engineering skills and mindset in both vulnerability research and malware analysis.
  • Forward engineering skills in languages such as C++, C#, and Python.
  • Systems programming background on at least Windows, plus the aptitude to learn Linux and macOS.
  • Demonstrable understanding of EDR internals and other telemetry-based technologies.
  • Demonstrable familiarity with using the OODA loop concept to subvert complex systems.
  • Prior experience in goal-oriented red team operations and penetration testing phases.
  • Prior experience in UX/UI elements of projects to improve workflows and adoption.
  • Strong problem solving and critical thinking skills.
  • Excellent oral and written communication skills in English.
  • 3+ years of relevant engineering experience (some skills will be learned on the job).
  • Ability to recognize and demonstrate that stealth is relative.
  • Ability to factor in human cognition when developing technical bypasses.
  • Ability to maintain discretion related to sensitive work (both internally and externally).
  • Ability to be receptive to peer review and conform to project-specific conventions.
  • Ability to explain topics you are familiar with at different abstraction levels.
  • Ability to manage development projects from conception to ongoing maintenance.
  • Ability to handle high pressure situations in a productive and professional manner.
  • Ability to simultaneously consider multiple (sometimes opposing) perspectives.
  • Ability to apply best practices (but flexible to bend conventions when appropriate).
  • Ability to form conclusions driven by data and evidence, in addition to intuition.
  • Interest in knowing something about everything, and everything about something.
  • Interest in understanding adversary emulation beyond the execution of cyber TTPs.
  • Interest in understanding the dual-use nature of arbitrary technologies.
  • Interest in developing solutions with a systems thinking approach.

Nice to Have

  • Security community participation (conference speaker or tool contributor) is a plus.
  • Experience with developing custom C2 frameworks or offensive security tooling is a plus.
  • Prior experience with event streaming, web development, and data analysis is a plus.
  • Familiarity with the following is a plus: Kafka, FastAPI, Neo4j, LogScale, Docker, Jenkins.
  • Interest in modeling decision-making processes used for selecting TTPs is a plus.
  • Interest in integrating knowledge from various non-cybersecurity domains is a plus.
  • Interdisciplinary educational background (outside of cybersecurity) is a plus.

Technical Stack

  • Languages: C++, C#, Python
  • Platforms: Windows, Linux, macOS
  • Tools/Frameworks: Kafka, FastAPI, Neo4j, LogScale, Docker, Jenkins

Team & Environment

You will join a non-billable R&D team dedicated to supporting Professional Services Red Team activities.

Benefits & Compensation

  • Market leader in compensation and equity awards.
  • Comprehensive physical and mental wellness programs.
  • Competitive vacation and holidays for recharge.
  • Paid parental and adoption leave.
  • Professional development opportunities for all employees regardless of level or role.
  • Employee Networks, geographic neighborhood groups, and volunteer opportunities to build connections.
  • Vibrant office culture with world class amenities.
  • Great Place to Work Certified™ across the globe.

Work Mode

This role is fully remote.

CrowdStrike is proud to be an equal opportunity employer. We are committed to fostering a culture of belonging where everyone is valued for who they are and empowered to succeed. We support veterans and individuals with disabilities through our affirmative action program.

Required Skills
C++, C#, Python, Windows, Linux, macOS, Kafka, FastAPI, Neo4j, LogScale, Red Teaming, Adversary Simulation, Threat Intelligence
About company
CrowdStrike

A global leader in cybersecurity that protects the people, processes and technologies that drive modern organizations. The company provides the world’s most advanced AI-native security platform to stop breaches.

Job Details
Category security
Posted a month ago