Security Incident Response Manager

Arlington USA / DC Remote USA / VA Remote

Full Time
CrowdStrike logo
CrowdStrike
Apply now

Posted 2 weeks ago

At CrowdStrike we’re on a mission - to stop breaches. Our groundbreaking technology, services delivery, and intelligence gathering together with our innovations in machine learning and behavioral-based detection, allow our customers to not only defend themselves, but do so in a future-proof manner. We’ve earned numerous honors and top rankings for our technology, organization and people – clearly confirming our industry leadership and our special culture driving it. We also offer flexible work arrangements to help our people manage their personal and professional lives in a way that works for them. So if you’re ready to work on unrivaled technology where your desire to be part of a collaborative team is met with a laser-focused mission to stop breaches and protect people globally, let’s talk.

About the Role

This position is open to candidates in Arlington, VA (Crystal City) , Columbia MD, or that are based remotely in the Eastern time zone.


Am I an Incident Response Manager Candidate?

  • Are you able to lead teams through complicated incident response investigations?
  • Do you find yourself interested in and keeping up with the latest vulnerabilities and breaches?
  • Are you self-motivated and looking for an opportunity to rapidly accelerate your skills?
  • Do you crave new and innovative work that actually matters to your customer?
  • Do you have an Incident Response or Information Security background that you’re not fully utilizing?
  • Are you capable of leading teams and interacting with customers?
  • Do you love working around like-minded, smart people who you can learn from and mentor on a daily basis?

Typical Responsibilities:

  • Lead a team of forensic analysts, familiar with host and/or network-based forensics across Windows, Mac, and Linux platforms.
  • Can effectively communicate with executives on the topics of forensics and malware analysis
  • Lead red-team, penetration testing activities by leveraging actual adversary TTPs.
  • Assess and develop information security and incident response programs in a proactive fashion to help mature the security posture of organizations prior to an incident.
  • Lead incident response and proactive engagements.
  • Produce high-quality written and verbal reports, presentations, recommendations, and findings to customer management.
  • Demonstrate industry thought leadership through blog posts, CrowdCasts, and other public speaking events.
  • Manage internal programs or teams.

Required Qualifications 
Successful candidates will have experience in one or more of the following areas:

  • Team leadership experience in a matrixed consulting environment
  • Incident Response: experience conducting or managing incident response investigations for organizations, investigating targeted threats such as the Advanced Persistent Threat, Organized Crime, and Hactivists.
  • Computer Forensic Analysis: a background using a variety of forensic analysis tools in incident response investigations to determine the extent and scope of compromise.
  • Network Forensic Analysis: strong knowledge of network protocols, network analysis tools like Bro/Zeek or Suricata, and ability to perform analysis of associated network logs.
  • Reverse Engineering: ability to understand the capabilities of static and dynamic malware analysis.
  • Incident Remediation: strong understanding of targeted attacks and able to create customized tactical and strategic remediation plans for compromised organizations.
  • Network Operations and Architecture/Engineering: strong understanding of secure network architecture and strong background in performing network operations.
  • Cloud Incident Response: knowledge in any of the following areas: AWS, Azure, GCP incident response methodologies.

Additionally, all candidates must possess the following qualifications:

  • Capable of completing technical tasks without supervision.
  • Desire to grow and expand both technical and soft skills.
  • Strong project management skills.
  • Contributing thought leader within the incident response industry.
  • Ability to foster a positive work environment and attitude.
  • Ability to travel on short notice, up to 30% of the time.

#LI-JP1

Benefits of Working at CrowdStrike:

  • Market leader in compensation and equity awards
  • Competitive vacation policy
  • Comprehensive health benefits + 401k plan 
  • Paid parental leave, including adoption
  • Flexible work environment
  • Wellness programs
  • Stocked fridges, coffee, soda, and lots of treats

We are committed to building an inclusive culture of belonging that not only embraces the diversity of our people but also reflects the diversity of the communities in which we work and the customers we serve. We know that the happiest and highest performing teams include people with diverse perspectives and ways of solving problems so we strive to attract and retain talent from all backgrounds and create workplaces where everyone feels empowered to bring their full, authentic selves to work.

CrowdStrike is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex including sexual orientation and gender identity, national origin, disability, protected veteran status, or any other characteristic protected by applicable federal, state, or local law.