Security Analyst – Forensic Specialist (United States)

Company: CrowdStrike

This is an exciting opportunity to be part of a key team of cyber security professionals at CrowdStrike. Our IT security operations team focuses on actively hunting threats to CrowdStrike’s own infrastructure. As an Incident Response Analyst, you will help detect active threats against our networks and provide response support. You will work hands-on with network assets and actively monitor and hunt across our systems for advanced attacks and intrusions. You will help identify anomaly- and behavior-based detection strategies and configure systems to automate detection and alerting. In addition, you will help develop and instrument intrusion containment tools and processes.

About our company:

CrowdStrike is a leading provider of next-generation endpoint protection, threat intelligence, and pre- and post-incident response services. Our customers include many of the world’s largest and most prestigious companies, who rely on us to protect their businesses, their data and their people against every type of cyber threat. As a result, we are the fastest-growing endpoint protection company, one of the World's 50 Most Innovative Companies according to MIT, and one of Forbes' Most Promising Companies. Our growth and innovation are driven by incredible employees who deliver unmatched customer success. Join us today!

Essential Duties and Responsibilities

  • Develop detection patterns across a broad range of technologies and log sources
  • Triage detections and provide follow-up actions to mitigate risk (e.g. containment, incident response, live response, etc.)
  • Identify coverage and efficiency gaps in security data and tooling
  • Provide information security reporting including security metrics as required
  • Participate in incident response and manage escalations as needed
  • Provide after-hours support on an on-demand basis
  • Drive efficient process development and documentation for all aspects of the detection and incident response lifecycle

Key Qualifications

  • Experience responding to security events, including front-line analysis and escalation, on hacktivist, cybercrime, and APT activity
  • Extensive theoretical and practical knowledge of OS X, Linux, and Windows operating systems
  • Extensive theoretical and practical knowledge of TCP/IP networking and application-layer protocols
  • Experience with system/application log analysis, IDS/IPS alerting and data flow, and SIEM-based workflows
  • Experience with security data collection, processing, and correlation
  • Experience with e-discovery, forensic tools (AccessData FTK, EnCase), and evidence collection
  • Experience managing e-discovery collection, processing and retaining electronically stored information (ESI), and partnering with the General Counsel’s Office
  • US citizenship required due to direct work on GovCloud

  • Scripting experience highly desirable (Python, Perl, Bash, PowerShell, etc.)
  • Experienced user of Splunk
  • Experience with host and network forensics
  • Experience with malware analysis

  • Undergraduate degree or direct experience in information security, information systems, or computer science
  • Other technical security certifications or academic background a plus

CrowdStrike is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex (including sexual orientation and gender identity), national origin, disability, protected veteran status, or any other characteristic protected by applicable federal, state, or local law.
