CrowdStrike is hiring a Senior Engineer, Product Abuse to protect our cloud services, Falcon platform, and security products from abuse. You will lead detection, investigation, and mitigation efforts through proactive threat hunting and continuous attack surface monitoring.
What You'll Do
- Lead threat hunting operations against emergent threat activity to determine impact and resolution
- Design and implement monitoring solutions to detect anomalies and potential abuse across external-facing services
- Lead technical aspects of incident response, including attack vector analysis, implementing countermeasures, and post-incident review
- Develop automation and purpose-built tooling to streamline detection, mitigation, and reporting processes
- Conduct regular security assessments and testing simulations targeting attack vectors
- Advocate for and drive product security enhancements in the platform
- Implement and refine logging strategies to enhance visibility into potential abuse scenarios
- Contribute to the roadmap and strategic planning for abuse prevention
What We're Looking For
- 5+ years experience in a cybersecurity engineering or threat intelligence environment, with a significant focus on threat hunting, attack mitigation, and tooling
- Experience with SIEM platforms (LogScale, Splunk) for large-scale threat hunting and detection engineering
- Strong proficiency in at least one programming language for security automation and tool development
- Strong expertise in designing and implementing robust network and cloud security measures, and comprehensive logging and monitoring for threat detection and incident response
- Strong practical experience with AWS security services — particularly as they relate to infrastructure protection and threat detection / continuous monitoring
- Ability to determine when external-facing services are exceeding baselines and correlate with potential attack indicators
- Understanding of technical terminology, tactics, techniques, and procedures employed by threat actors
- Knowledge of the evolving threat landscape to support an understanding of current and future impacts
- Exceptional problem-solving abilities with a methodical approach to complex security challenges
- Strong written and verbal communication skills for technical and non-technical audiences
- Excellent time management skills and ability to prioritize in high-pressure situations
- Candidate must periodically undergo and pass additional background and fingerprint check(s) consistent with government customer requirements
Nice to Have
- Passionate about taking the initiative to identify and develop enrichments and enhanced visibility
- Enthusiasm for collaboration, including working in a team-oriented environment and across functional teams
- Self-motivated with the ability to work independently and as part of a collaborative team
- Passion for continuous learning and staying current with emerging threats
Technical Stack
- SIEM platforms: LogScale, Splunk
- AWS security services
Team & Environment
You will join the Product Abuse team within the Product Security organization.
Benefits & Compensation
- Compensation: $135,000 - $215,000 per year + variable/incentive compensation + equity + benefits
- Remote-friendly and flexible work culture
- Market leader in compensation and equity awards
- Comprehensive physical and mental wellness programs
- Competitive vacation and holidays for recharge
- Paid parental and adoption leaves
- Professional development opportunities for all employees regardless of level or role
- Employee Networks, geographic neighborhood groups, and volunteer opportunities to build connections
- Vibrant office culture with world class amenities
- Great Place to Work Certified™ across the globe
Work Mode
This is a remote position.
CrowdStrike is proud to be an equal opportunity employer committed to fostering a culture of belonging and providing equal employment opportunity for all employees and applicants.
