Red Team Senior/Principal Consultant

Professional Services Remote, United States

About CrowdStrike

CrowdStrike is the leader in cloud-delivered next-generation endpoint protection, threat intelligence, and pre- and post-incident response services.  With the ability to collect and process over 100 billion events a day, CrowdStrike has revolutionized endpoint protection by being the first and only company to unify next-generation antivirus (AV), endpoint detection and response (EDR), and a 24/7 managed hunting service — all delivered via a single lightweight agent.  We are one of the World's Most 50 Innovative Companies according to MIT, and one of Forbes Most Promising Companies. Our growth and innovation are driven by incredible employees who deliver unmatched customer success.   

We have received a number of exciting awards including:

  • October 2018: 100 Best Medium Workplaces Second Year in a Row by Fortune magazine.
  • June 2018:  Closed over $200 million, led by General Atlantic, Accel and IVP, with participation from March Capital and CapitalG (Google), achieving a valuation of more than $3 billion.
  • April 2018:  CrowdStrike Wins SC Award for Best Security Company Second Year in a Row.

The Red Team Consultant will join a team dedicated to performing Red Team activities that simulate known threat actor. We are a customer first driven team that helps CrowdStrike customer’s identify gaps in their ability to detect malicious activity at each phase of an attack. 

Detailed Description

  • Experience with using, administering, and troubleshooting at least two major flavors of Windows, Linux, including Ubuntu or RedHat
  • Experience with scripting and editing existing code and programming using one or more of the following: Perl, Python, Ruby, bash, C/C++, C#, or Java
  • Experience with security assessment tools, including Nessus, Metasploit, Burp Suite Pro, Cobalt Strike, or Empire
  • Experience with remote code execution activities including privilege escalation and lateral movement
  • Knowledge of application, database, or Web server design
  • Knowledge of internal network penetration, web application security testing, external network penetration testing, and red teaming
  • Knowledge of open security testing standards and projects, including OWASP, Cyber Kill Chain, or MITRE ATT&CK Framework
  • Ability to convey results clearly in formal technical reports
  • Experience with working in a commercial consulting or professional services environment
  • Experience with wireless LAN security, including 802.11 standards
  • Experience with phishing and other social engineering tactics

Preferred Qualifications

  • Minimum 3 years of experience in a Red Team/Penetration Testing activities is highly preferred
  • Security community participation (conference speaker, tool development contributor, …) is highly preferred
  • Advanced experience with Security Assessment Toolsets (Metasploit, Cobalt Strike, Nessus, Burp Suite, etc.)
  • Comprehensive understanding of the security methodologies, technologies, and best practices
  • Advanced experience with Networking components (routers, switches, load balancers, wireless access points, etc.)
  • Comprehensive knowledge of firewalls, proxies, mail servers and web servers
  • Advanced experience with operational support for operating systems, applications and networks
  • Advanced experience with vulnerability/penetration testing/adversary emulation assessments
  • Advanced experience in automation and scripting of applications and systems
  • Desirable Certifications: OSCP, GPEN, OSCE, GCIH, GXPN
  • Occasional travel may be required (<25%)

BA or BS / MA or MS degree in Computer Science, Computer Engineering, Math, Information Security, Information Assurance, Information Security Management, Intelligence Studies, Cybersecurity, Cybersecurity Policy, or a related field.

Benefits of Working at CrowdStrike:

  • Market leader in compensation and equity awards
  • Competitive vacation policy
  • Comprehensive health benefits + 401k plan (US only)
  • Paid paternity and maternity leave, including adoption
  • Flexible work hours and remote friendly environment
  • Wellness programs
  • Stocked fridges, coffee, soda, and lots of treats
  • Peer recognition
  • Inclusive culture focused on people, customers and innovation
  • Regular team activities, including happy hours, community service events 

CrowdStrike believes that diversity and inclusion among our organization is essential to our success as a global company, and we seek to attract, retain and empower the industry’s best and brightest from a diverse talent pool. 

CrowdStrike is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex including sexual orientation and gender identity, national origin, disability, protected veteran status, or any other characteristic protected by applicable federal, state, or local law.