Security Researcher

Intelligence London, United Kingdom


About CrowdStrike

At CrowdStrike we’re on a mission - to stop breaches. Our groundbreaking technology, services delivery, and intelligence gathering together with our innovations in machine learning and behavioral-based detection, allow our customers to not only defend themselves, but do so in a future-proof manner. We’ve earned numerous honors and top rankings for our technology, organization and people – clearly confirming our industry leadership and our special culture driving it. We also offer flexible work arrangements to help our people manage their personal and professional lives in a way that works for them. So if you’re ready to work on unrivaled technology where your desire to be part of a collaborative team is met with a laser-focused mission to stop breaches and protect people globally, let’s talk.

Position Description

The CrowdStrike Intelligence Team is seeking a motivated professional with excellent technical skills to research targeted cyber attacks. The Intelligence Team’s Technical Analysis Cell (TAC) is at the forefront of CrowdStrike’s battles with nation state adversaries and criminal actors. We combine world-class intelligence analysis with deep-dive reverse engineering and malicious code analysis, building and using cutting-edge automation systems to deliver actionable indicators and operational insights. This position on the TAC team serves as an important role in developing finished intelligence products, conducting analysis, increasing our coverage of the global threat landscape, and contributing to the continuous tracking of adversary groups.

Responsibilities

  • Discover, analyze and track advanced cyber attack campaigns and document findings.
  • Produce high-quality threat intelligence reporting for all levels of readership, including actionable mitigation and detection guidance.
  • Develop tools to assist with the automation of analysis tasks and tracking of threat actors.
  • Contribute to active mitigation efforts and support incident response engagement with technical expertise.
  • Write blog articles on novel threats and research results.

Key Qualifications

  • Ability to express complex technical and non-technical concepts in verbal and graphical products.
  • Excellent writing skills are mandatory.
  • Strong knowledge of fundamental analytical methods.
  • At least two years of experience in static and dynamic malicious code reverse engineering.
  • Profound knowledge of reverse engineering tools (disassemblers, decompilers, debuggers).
  • Knowledge of programming and scripting languages, in particular Python.

Preferred:

  • Good understanding of Windows OS internals and the Windows API.
  • Ability to analyze raw network data and to develop custom protocol decoders.
  • Familiarity with tools used in targeted intrusions
  • A background in exploit and vulnerability analysis is a plus.
  • Intelligence background is a plus.

Education:

  • BA/BS or MA/MS degree or equivalent experience in Computer Science, Information Security, or a related field

#LI-JF1