CrowdStrike is looking for a Sr. Engineer, Software Assurance - Product Security to help protect our company and customers from advanced threats. You will focus on active threats to our products by assessing, designing, and implementing security controls and systems associated with the software supply chain.
What You'll Do
- Assess risk and provide security guidance to engineers across the company on systems and software implementations.
- Design and implement tools and processes to secure and monitor software build pipelines, including signing.
- Harden open source code usage, development, and distribution.
- Investigate systems and applications to understand and improve security posture. Advocate for best-security practices to the entire engineering organization.
- Manage end-to-end delivery of large-scale, cross-cutting security initiatives to harden CrowdStrike software supply chain systems and processes.
What We're Looking For
- Experience working in an engineering role designing, implementing, and supporting security systems.
- Experience working with and securing configurations of Linux and/or other Unix-like variants.
- Proficiency in one or more common scripting languages, such as shell, Python, Golang, javascript, etc.
- Domain knowledge of networking, software development lifecycle management, secure coding practices and reviews, and system hardening.
- Understanding of software build pipeline applications, systems, and processes.
- Working experience with CICD pipelines and associated tools like Jenkins, Argo CD, etc.
- Experience leading large, cross-team projects and initiatives.
- Familiarity with TLS best practices, ciphers, software signing operations, and public/private key infrastructure implementations and security.
Nice to Have
- Experience with common monitoring or log aggregation tools such as LogScale, Splunk, DataDog, Prometheus, etc.
- Experience with source control management tools like GitHub, BitBucket, etc. Both as a user and an administrator.
- Experience with common artifact storage tools like Artifactory and S3.
- Experience working in and secure configurations of large-scale cloud platforms with highly concurrent systems.
- Self-motivated to identify security problems and engage with teams to find solutions.
- Efficient communicator with strong writing skills, experience working remotely.
- Experience scripting groovy pipelines and using REST APIs.
- Experience working at a very large scale.
Technical Stack
- Operating Systems: Linux, Unix
- Languages & Scripting: shell, Python, Golang, javascript, groovy
- Tools: Jenkins, Argo CD, LogScale, Splunk, DataDog, Prometheus, GitHub, BitBucket, Artifactory, S3
- Protocols & Standards: TLS, REST APIs
Team & Environment
You will be part of the Product Security team.
Benefits & Compensation
- Market leader in compensation and equity awards
- Comprehensive physical and mental wellness programs
- Competitive vacation and holidays
- Paid parental and adoption leaves
- Professional development opportunities for all employees regardless of level or role
- Employee Networks, geographic neighborhood groups, and volunteer opportunities to build connections
- Vibrant office culture with world class amenities
- Great Place to Work Certified™ across the globe
- Base salary range for this position for all U.S. candidates is $0 - $0 per year, with eligibility for bonuses, equity grants and a comprehensive benefits package.
Work Mode
This is a fully remote position.
CrowdStrike is proud to be an equal opportunity employer committed to fostering a culture of belonging where everyone is valued for who they are and empowered to succeed.
