Senior Malware Reverse Engineer, eCrime United States

Company: CrowdStrike

CrowdStrike is a leading provider of next-generation endpoint protection, threat intelligence, and pre- and post-incident response services. We are the fastest growing endpoint protection company, one of the World's Most 50 Innovative Companies according to MIT, and one of Forbes Most Promising Companies. Our growth and innovation are driven by incredible employees who deliver unmatched customer success. The CrowdStrike Falcon platform uses sophisticated signature-less artificial intelligence/machine learning and Indicator-of-Attack (IOA) based threat prevention to stop known and unknown threats.

CrowdStrike Accomplishments:

  • January 2018: Awarded #1 in the Visionaries quadrant of the 2018 Gartner Magic Quadrant for Endpoint Protection Platforms.
  • February 2018: Great Place to Work


  • Ranked No. 34 Best Medium Workplaces by Fortune magazine and consulting firm Great Place to Work
  • Ranked No. 25 most attractive start-ups to work for by LinkedIn
  • Closed $100 million equity financing round, at a valuation of over $1 billion dollar (backed by Accel, CapitalG (Google), and Warburg Pincus)
  • Best Cyber Security Company and Best Behaviour Analytics/Enterprise Threat Detection in 2017 SC Awards
  • Ranked No. 8 Best Workplaces in Technology, according to global research and consulting firm Great Place to Work® and Fortune Magazine

Job Purpose
The Intelligence Team is at the forefront of CrowdStrike’s battles with nation-state adversaries and criminal actors. We combine world-class intelligence analysis with deep-dive reverse engineering and malicious code analysis, building and using cutting-edge automation systems to deliver actionable indicators and operational insights.

The Intelligence Team’s Technical Analysis Cell (TAC) is seeking a motivated professional with excellent technical skills to research criminal cyber attacks. This position on the TAC team serves as an important role in conducting deep-level technical analysis, increasing our coverage of the global threat landscape, developing finished intelligence products, and contributing to the continuous tracking of criminal groups.

As a distributed international team, we are looking for an energetic self-starter with the ability to take ownership and be accountable for deliverables while at the same time supporting and helping to improve upon our analysis workflow. If you'd like to work with passionate people in a fast-paced, team-oriented environment, you've come to the right place!


  • Discover, analyze and track advanced cyber attack campaigns and document findings.
  • Produce high-quality threat intelligence reporting for all levels of readership, including actionable mitigation and detection guidance.
  • Develop tools to assist with automation of analysis tasks and tracking of threat actors.
  • Contribute to active mitigation efforts and support incident response engagement with technical expertise.
  • Write blog articles on novel threats and research results.
Key Qualifications
  • Profound knowledge of reverse engineering tools (disassemblers, decompilers, debuggers) and processes (unpacking malware, reconstructing code logic, etc.)
  • At least three years of experience in static and dynamic malicious code reverse engineering
  • Strong knowledge of the most prevalent eCrime malware families and botnets
  • Knowledge of programming and scripting languages, in particular Python
  • Solid understanding of Microsoft Windows internals and the Windows API
  • Ability to analyze raw network data and to develop custom protocol decoders and decryption tools
  • Ability to express complex technical and non-technical concepts in verbal and graphical products.
  • Excellent writing skills are mandatory.


  • Familiarity with UNIX-based platforms is a plus.
  • Ability to analyze raw network data and to develop custom protocol decoders.
  • A background in exploit and vulnerability analysis is a plus.
  • Intelligence background is a plus.


  • BA/BS or MA/MS degree or equivalent experience in Computer Science, Information Security, or a related field
Remote, with occasional travel. Must be located in the U.S., U.K., Canada, Australia, Germany, or the Netherlands.

CrowdStrike is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, colour, religion, sex including sexual orientation and gender identity, national origin, disability, protected veteran status, or any other characteristic protected by applicable federal, state, or local law.

Vacancy page :

Similar jobs