Sr. Software Engineer, Windows Vulnerability Research & Detection (Remote)

Posted 6 Days Ago
Be an Early Applicant
Hiring Remotely in USA
Remote
135K-215K Annually
Senior level
Cloud • Information Technology • Sales • Security • Cybersecurity
Define your future at CrowdStrike.
The Role
As a Senior Software Engineer at CrowdStrike, you will research CVEs and develop tools for detecting advanced malicious behavior on Windows OS. Your role involves creating detection logic for the Falcon sensor, enhancing cybersecurity, and collaborating with cross-functional teams to contribute to the development of security practices.
Summary Generated by Built In

As a global leader in cybersecurity, CrowdStrike protects the people, processes and technologies that drive modern organizations. Since 2011, our mission hasn’t changed — we’re here to stop breaches, and we’ve redefined modern security with the world’s most advanced AI-native platform. We work on large scale distributed systems, processing almost 3 trillion events per day. We have 3.44 PB of RAM deployed across our fleet of C* servers - and this traffic is growing daily. Our customers span all industries, and they count on CrowdStrike to keep their businesses running, their communities safe and their lives moving forward. We’re also a mission-driven company. We cultivate an inclusive culture that gives every CrowdStriker both the flexibility and autonomy to own their careers. We’re always looking to add talented CrowdStrikers to the team who have limitless passion, a relentless focus on innovation and a fanatical commitment to our customers, our community and each other. Ready to join a mission that matters? The future of cybersecurity starts with you.

About the Role:

CrowdStrike is looking for a Senior Software Engineer to join our growing Content Research & Integration Tactical team within the EndPoint Protection Content group, which focuses on vulnerability research, exploit mitigations, and security-related endpoint development on the Windows operating system.

 

The Endpoint Protection Content group plays a central role in fulfilling CrowdStrike’s mission to Stop Breaches. Within the Content Research & Integration Tactical team (CRI-Tactical), we research the latest common vulnerabilities and exposures (CVEs) to develop tools and techniques that expand sensor visibility and explore ways to detect advanced malicious behavior on customer endpoint devices. Our goal is to enable the sensor to autonomously identify and stop N-day tools, techniques, and procedures where possible, and to provide useful visibility and guidance to security analysts when new previously unknown adversary activity occurs.

 

As a senior software engineer within the CRI Tactical team, you will be focused on the analysis and development of detections for attack techniques across supported Windows OS versions. You’ll work collaboratively to implement detection logic within the Falcon sensor which includes both user-mode and kernel-mode components that together observe system activity, recognize malicious behavior, provide on-box prevention and remediation capabilities, and send relevant security related telemetry to the Falcon Cloud. You’ll help find creative and resourceful ways to detect Windows specific threats while also helping to develop cross-platform features that leverage telemetry from common OS subsystems such as file system, memory, process, and network activity. You’ll get exposure to both user-mode and kernel-mode coding practices.

 

As a Senior Software Engineer, you’ll function as a key resource and subject matter expert for other engineers within the team and across the company.  You’ll collaborate with a wide range of other teams as you drive your own initiatives and assist with other projects. You’ll be expected to make significant contributions from the initial concept phase through design, implementation, release, and bugtail/support. We're looking for smart people who want to be challenged and take ownership of what they build.

 

What You'll Do:

  • Design and build detection logic and systems leveraged across teams within CrowdStrike to detect cyber attackers and stop breaches.

  • Extend our existing codebase and test suites utilizing C, C++, Python, and other tools as appropriate.

  • Brainstorm, define, and build collaboratively across multiple teams.

  • Build proof of concept triggers that can exercise common vulnerabilities and exposures

  • Obsess about learning, and champion the newest technologies & tricks with others, raising the technical IQ of the team.

  •  Deliver and accept feedback with grace and courtesy.

  •  Troubleshoot issues within the product when necessary, assisting customer support, test breaks, and release blockers.

  •  Leverage your understanding of engineering best practices, including topics like secure coding, testing paradigms, effective peer code reviews, logging, and resilient architecture patterns, to ensure clean, supportable coding practices.

  •  Be an energetic ‘self-starter’ who is empowered to take ownership and be accountable for deliverables, both individually and when leading a team.

 

What You'll Need:

  • Post-secondary education in computer science, engineering, or information security OR five (5) years of equivalent experience.

  •  5+ years of experience with any of the following;

  • vulnerability research, analysis, and exploitation techniques,

  • attack surface analysis and risk management, or

  • software instrumentation, testing, and code coverage analysis

  •  Low-level OS knowledge of Windows operating system internals, components, APIs, and design.

  • Proficiency in multiple programming languages including C, C++, and Python as well as familiarity with multiple processor architectures

  •  Experience in network and packet capture analysis

  •  Knowledge of cyber security practices, challenges, tools, and techniques

  • Team player – able to lead, mentor, communicate, collaborate, and work effectively in a globally distributed team. 

Preferred Qualifications:

At least one of the following certifications is preferred:

  • Offensive Security Certified Professional (OSCP)

  • Offensive Security Certified Expert (OSCE)

  • Council of Registered Security Testers (CREST) Registered or Certified Professional certificate

  • SANS GIAC Penetration Tester, Web Application Penetration Tester, Exploit Researcher and Advanced Penetration Tester

  • Prior experience working with low-level code, such as OS kernel, firmware or device drivers.  

  • Understanding of kernel-mode and multi-threaded concurrent systems development in any of our supported platforms, with an interest to grow skills in all of them.

  • Prior penetration testing experience.

  • Prior experience delivering software via agile processes.

  • Prior participation in cyber security challenges (e.g. CTFs). 

#LI-Remote

#LI-CW1

#LI-DG1

#HTF

Benefits of Working at CrowdStrike:

  • Remote-friendly and flexible work culture

  • Market leader in compensation and equity awards

  • Comprehensive physical and mental wellness programs

  • Competitive vacation and holidays for recharge

  • Paid parental and adoption leaves

  • Professional development opportunities for all employees regardless of level or role

  • Employee Resource Groups, geographic neighbourhood groups and volunteer opportunities to build connections

  • Vibrant office culture with world class amenities

  • Great Place to Work Certified™ across the globe

CrowdStrike is proud to be an equal opportunity and affirmative action employer. We are committed to fostering a culture of belonging where everyone is valued for who they are and empowered to succeed. Our approach to cultivating a diverse, equitable, and inclusive culture is rooted in listening, learning and collective action. By embracing the diversity of our people, we achieve our best work and fuel innovation - generating the best possible outcomes for our customers and the communities they serve.
 

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. If you need assistance accessing or reviewing the information on this website or need help submitting an application for employment or requesting an accommodation, please contact us at [email protected] for further assistance.

Find out more about your rights as an applicant.

CrowdStrike participates in the E-Verify program.

Notice of E-Verify Participation

Right to Work

CrowdStrike, Inc. is committed to fair and equitable compensation practices. The base salary range for this position in the U.S. is $135,000 - $215,000 per year + variable/incentive compensation + equity + benefits. A candidate's salary is determined by various factors including, but not limited to, relevant work experience, skills, certifications, job level, supervisory status, and location.

Expected Close Date of Job Posting is:05-18-2024

Top Skills

Cassandra

What the Team is Saying

Andrew C.
Lauren P.
Brian P.
Alexa Z.
Theo K.
Sara I.
Lam N.
Lauren B.
Adeeb C.
Kristan C.
Alena C.
Thaddeus M.
Alyssa J.
KT T.
The Company
Kirkland, WA
10,000 Employees
Hybrid Workplace
Year Founded: 2011

What We Do

CrowdStrike has redefined security with the world’s most advanced cloud-native platform that protects and enables the people, processes and technologies that drive modern enterprise. Tested and proven, the world's largest organizations trust CrowdStrike to stop breaches with unparalleled protection against the most sophisticated cyberattacks.

The CrowdStrike culture has been built upon our Core Values since the day we began. We are Fanatical About the Customer, Relentlessly Focused on Innovation and believe that our Limitless Passion drives Unlimited Potential for every CrowdStriker. As a purpose-built remote-first company, we believe cultivating a connected culture for every employee, no matter where they are in the world, is a key ingredient in building a high-performing, diverse team.

We don’t have a mission statement. We’re on a mission—to stop breaches. Ready to join a mission that matters?

Why Work With Us

We have a culture that celebrates achievement, encourages flexibility and innovation and thrives on teamwork. We all work towards a single mission: to stop breaches. This common goal drives a sense of community and connection among our people across the globe.

Gallery

Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery

CrowdStrike Offices

Hybrid Workspace

Employees engage in a combination of remote and on-site work.

Typical time on-site: Flexible
Kirkland, WA

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account