CrowdStrike is hiring a Threat Analyst III (Remote, ROU)

CrowdStrike is hiring a Threat Analyst III to analyze breaches and killchains involving malware, serving as a key escalation point and driving improvements in detection efficacy using machine learning. You will be part of the team dedicated to stopping breaches and protecting our customers.

What You'll Do

• Lead efforts to review and refine product detections to ensure they meet and exceed company standards.
• Identify and drive improvements in false positive detection management through deep technical analysis and process enhancements.
• Analyze files and event data across different platforms (Linux, public Clouds, Mac, and Windows) to assess predictions by machine learning.
• Act as a senior escalation point for internal teams regarding complex customer threat detections.
• Collaborate cross-functionally with threat research, engineering, and incident response teams to drive detection efficacy.

What We're Looking For

• Technical expertise in Linux or Mac operating systems, including internals and threat behaviors.
• Experience in public Cloud environments, preferably AWS or Azure.
• Strong background in reverse engineering malware, reverse engineering tool sets and malware operations.
• Experience leveraging machine learning for threat detection use cases.
• Solid proficiency in Python, with additional experience in other scripting/programming languages a plus.
• In-depth understanding of binary analysis, including file attributes, imports/exports, and common packing techniques.
• Advanced analytical skills, including practical experience with threat research and structured analysis methodologies.
• Strong grasp of threat/risk assessment and threat management frameworks.
• Proven ability to break down complex security problems into actionable solutions.
• Ability to join off hours/late meetings for cross-region coordination.
• BA/BS or MA/MS degree in Computer Science, Information Security, or a related field.

Nice to Have

• Experience in a Security Operations Center (SOC), threat hunting, or a high-tempo incident response environment.
• Expert-level knowledge of MacOS and/or Linux, with experience in threat detection, analysis, or EDR tooling on those platforms.
• Advanced knowledge of the control plane and data plane of public cloud providers.
• Advanced knowledge of Windows OS internals and API behavior.
• Familiarity with tools and techniques used in targeted and criminal cyber-intrusions.
• Background in exploit development or vulnerability research.
• Knowledge of programming languages such as C, C++, Java, and Assembly.
• Exposure to working on GenAI and security.

Technical Stack

• Python
• Linux
• Mac
• Windows
• AWS
• Azure

Team & Environment

You'll be part of the CrowdStrike Data Science Machine Learning Operations and Response Team.

Benefits & Compensation

• Remote-friendly and flexible work culture.
• Market leader in compensation and equity awards.
• Comprehensive physical and mental wellness programs.
• Competitive vacation and holidays for recharge.
• Paid parental and adoption leaves.
• Professional development opportunities for all employees regardless of level or role.
• Employee Networks, geographic neighborhood groups, and volunteer opportunities to build connections.
• Vibrant office culture with world class amenities.

Work Mode

This is a remote position open to candidates in ROU.

CrowdStrike is proud to be an equal opportunity employer. We are committed to fostering a culture of belonging where everyone is valued for who they are and empowered to succeed.