Application Security Research Engineer

USA - Remote

Full Time
CrowdStrike logo
CrowdStrike
Apply now

Posted 2 weeks ago

At CrowdStrike we’re on a mission - to stop breaches. Our groundbreaking technology, services delivery, and intelligence gathering together with our innovations in machine learning and behavioral-based detection, allow our customers to not only defend themselves, but do so in a future-proof manner. We’ve earned numerous honors and top rankings for our technology, organization and people – clearly confirming our industry leadership and our special culture driving it. We also offer flexible work arrangements to help our people manage their personal and professional lives in a way that works for them. So if you’re ready to work on unrivaled technology where your desire to be part of a collaborative team is met with a laser-focused mission to stop breaches and protect people globally, let’s talk.

About the Role
Help us protect CrowdStrike and its customers from the most advanced threats!  CrowdStrike’s Application Security team goes deeper than the standard application security team and researches threats to our own products, from a threat actor perspective.  As a Security Researcher, you will perform product research, reverse engineering, and threat landscape monitoring.

Responsibilities

  • Investigate, analyze, and learn from security researchers, attackers, and real incidents in order to develop attack vectors and methodology
  • Think like an attacker to solve complex problems with expertise and ingenuity
  • Develop evasion and bypass techniques for CrowdStrike endpoint products
  • Develop new tools, techniques and practices for putting CrowdStrike products through their paces

Requirements

  • Bachelor’s Degree (minimum) in Computer Science or equivalent work experience 
  • Minimum of 6 years of experience working in the field of Kernel Development, Reverse Engineering, and Malware Analysis.
  • Demonstrated experience in assembly (x86/x64), SW reverse engineering, kernel debugging, and networking protocol stacks
  • SW development experience in Assembly, C, C++, and/or Python for development of proof of concept code
  • Proficiency with tools such as IDAPro, Ghidra, Ollydbg, x64Dbg, and Radare2
  • Experience in vulnerability identification, assessment, and exploitation
  • Deep knowledge of Windows internals, kernel and user mode (bonus points for additional knowledge in OSX, and Linux operating systems)
  • Familiar with various APT’s, IOC’s, campaigns, active in the wild malware/trends etc.
  • Experience with machine learning algorithms
  • Experience automating exploit testing and repetitive tasks
  • Strong communication (written and verbal), interpersonal and problem-solving skills

Bonus Points

  • Experience in the field of anti-virus detections and methodologies
  • Knowledge of theoretical and applied Cryptography
  • Experience in research and presenting findings (internally or externally) in the security field
  • Experience working remotely

#LI-NT1

Benefits of Working at CrowdStrike:

  • Market leader in compensation and equity awards
  • Competitive vacation policy
  • Comprehensive health benefits + 401k plan 
  • Paid parental leave, including adoption
  • Flexible work environment
  • Wellness programs
  • Stocked fridges, coffee, soda, and lots of treats

We are committed to building an inclusive culture of belonging that not only embraces the diversity of our people but also reflects the diversity of the communities in which we work and the customers we serve. We know that the happiest and highest performing teams include people with diverse perspectives and ways of solving problems so we strive to attract and retain talent from all backgrounds and create workplaces where everyone feels empowered to bring their full, authentic selves to work.

CrowdStrike is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex including sexual orientation and gender identity, national origin, disability, protected veteran status, or any other characteristic protected by applicable federal, state, or local law.