Red Team TechOps Engineer (Remote)

#WeAreCrowdStrike and our mission is to stop breaches. As a global leader in cybersecurity, our team changed the game. Since our inception, our market leading cloud-native platform has offered unparalleled protection against the most sophisticated cyberattacks. We're looking for people with limitless passion, a relentless focus on innovation and a fanatical commitment to the customer to join us in shaping the future of cybersecurity. Consistently recognized as a top workplace, CrowdStrike is committed to cultivating an inclusive, remote-first culture that offers people the autonomy and flexibility to balance the needs of work and life while taking their career to the next level. Interested in working for a company that sets the standard and leads with integrity? Join us on a mission that matters - one team, one fight.
About the Role:
The Red Team TechOps Engineer will join a non-billable R&D team dedicated to supporting Professional Services Red Team activities in client networks that simulate known threat actors. This Red Team helps CrowdStrike customers identify and reduce gaps in their ability to deter malicious activity. We're looking for an engineer that will support the team by reducing operational uncertainty against defensive products, among other tasks that improve the team's strategic and tactical capabilities.
What You'll Do:

• Build and maintain product testing systems that generate data for a decision support system.
• Actively use systems to provide bespoke tactical intelligence to operators on engagements.
• Respond to regular product updates to ensure capabilities are functional and resilient.
• Development tasks that are both malware-oriented and platform-oriented.
• Programming for Windows, Linux, and macOS platforms (user- and kernel-mode).
• Programming related to event streaming, telemetry post-processing, and build engineering.
• Provide development and infrastructure support to improve overall offensive capabilities.
• Review analytics data from sensors to guide the development of offensive tradecraft.
• Develop initial access and post-exploitation capabilities (some evasive, some noisy).
• Contribute to capabilities to enhance operator decision making.
• Proactively identify opportunities to improve workflows and processes.
• Document completed development projects for operational use.
• Share responsibilities on administration and infrastructure.

What You'll Need:

• Reverse engineering skills and mindset in both vulnerability research and malware analysis.
• Forward engineering skills in languages such as C++, C#, and Python.
• Systems programming background in at least Windows + aptitude to learn Linux and macOS.
• Demonstrable understanding of EDR internals and other telemetry-based technologies.
• Demonstrable familiarity with using the OODA loop concept to subvert complex systems.
• Prior experience in goal-oriented red team operations and penetration testing phases.
• Prior experience in UX/UI elements of projects to improve workflows and adoption.
• Security community participation (conference speaker or tool contributor) is a plus.
• Experience with developing custom C2 frameworks or offensive security tooling is a plus.
• Prior experience with event streaming, web development, and data analysis is a plus.
• Familiarity with the following is a plus: Kafka, FastAPI, Neo4j, LogScale, Docker, Jenkins.

All candidates must possess the following qualifications:

• Strong problem solving and critical thinking skills.
• Excellent oral and written communications skills in English.
• 3+ years of relevant engineering experience (some skills will be learned on the job).
• Ability to recognize and demonstrate that stealth is relative.
• Ability to factor human cognition when developing technical bypasses (e.g. reflexive control, IPb).
• Ability to maintain discretion related to sensitive work (both internally and externally).
• Ability to be receptive to peer review and conform to project-specific conventions.
• Ability to explain topics you are familiar with at different abstraction levels.
• Ability to manage development projects from conception to ongoing maintenance.
• Ability to handle high pressure situations in a productive and professional manner.
• Ability to simultaneously consider multiple (sometimes opposing) perspectives.
• Ability to apply best practices (but flexible to bend conventions when appropriate).
• Ability to form conclusions driven by data and evidence, in addition to intuition.
• Interest in knowing something about everything, and everything about something.
• Interest in modeling decision-making processes used for selecting TTPs is a plus.
• Interest in understanding adversary emulation beyond the execution of TTPs.
• Interest in understanding the dual-use nature of arbitrary technologies.
• Interest in developing solutions with a systems-level thinking approach.
• Interest in integrating knowledge from various non-cybersecurity domains is a plus.
• Interdisciplinary educational background (outside of cybersecurity) is a plus.
• Passion to understand and develop solutions requiring diverse skills (from ASM to ML). You are not required to be an expert in every skill, but should maintain an interest in how they are connected.

#LI-Remote
#LI-DL1
This role may require the candidate to periodically undergo and pass alcohol and/or drug test(s) during the course of employment.
Benefits of Working at CrowdStrike:

• Remote-first culture
• Market leader in compensation and equity awards
• Competitive vacation and flexible working arrangements
• Comprehensive and inclusive health benefits
• Physical and mental wellness programs
• Paid parental leave, including adoption
• A variety of professional development and mentorship opportunities
• Offices with stocked kitchens when you need to fuel innovation and collaboration

CrowdStrike is proud to be an equal opportunity and affirmative action employer. We are committed to fostering a culture of belonging where everyone is valued for who they are and empowered to succeed. Our approach to cultivating a diverse, equitable, and inclusive culture is rooted in listening, learning and collective action. By embracing the diversity of our people, we achieve our best work and fuel innovation - generating the best possible outcomes for our customers and the communities they serve.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. If you need assistance accessing or reviewing the information on this website or need help submitting an application for employment or requesting an accommodation, please contact us at [email protected] for further assistance.
Find out more about your rights as an applicant.
CrowdStrike participates in the E-Verify program.
Notice of E-Verify Participation
Right to Work
CrowdStrike, Inc. is committed to fair and equitable compensation practices. The base salary range for this position in the U.S. is $115,000 - $180,000 per year + variable/incentive compensation + equity + benefits. A candidate's salary is determined by various factors including, but not limited to, relevant work experience, skills, certifications and location.
Expected Close Date of Job Posting is:09-25-2024