Software Engineer - University Graduate

University Minneapolis, Minnesota

About CrowdStrike

CrowdStrike is the leader in cloud-delivered next-generation endpoint protection, threat intelligence, and pre- and post-incident response services.  With the ability to collect and process over 100 billion events a day, CrowdStrike has revolutionized endpoint protection by being the first and only company to unify next-generation antivirus (AV), endpoint detection and response (EDR), and a 24/7 managed hunting service — all delivered via a single lightweight agent.  We are one of the World's Most 50 Innovative Companies according to MIT, and one of Forbes Most Promising Companies. Our growth and innovation are driven by incredible employees who deliver unmatched customer success.   

We have received a number of exciting awards including:

  • October 2018: 100 Best Medium Workplaces Second Year in a Row by Fortune magazine.
  • June 2018:  Closed over $200 million, led by General Atlantic, Accel and IVP, with participation from March Capital and CapitalG (Google), achieving a valuation of more than $3 billion.
  • April 2018:  CrowdStrike Wins SC Award for Best Security Company Second Year in a Row.

About the Role

Crowdstrike is looking for a recent college graduate Software Engineer to join our growing Engine and Content Development (ECD) team, with a focus on endpoint/sensor development. This position will be based in our Minneapolis office.

The Engine and Content Development team implements strategies and processes that detect suspicious or malicious behavior. Sometimes these detection strategies are performed directly on the endpoint, and sometimes they’re evaluated in the cloud. We leverage a variety of techniques to accomplish this while also minimizing false positives. Our goal is to stop the bad guys automatically where possible, and to provide visibility and guidance to security analysts so they can effectively identify adversaries. ECD is a central part of CrowdStrike’s mission - “We Stop Breaches." We're looking for smart people who want to be challenged and take ownership of what they build, and are interested in researching and understanding attacker behavior and building capabilities to detect and stop attacks.

 As an engineer in the ECD team, you’ll help develop creative and resourceful ways to detect threats on Windows, Mac, and/or Linux systems. You’ll work collaboratively to implement threat detections in the Falcon Sensor, a small kernel-level module that observes system activity and recognizes malicious behavior, then provides on-box prevention capability and remote telemetry to the Falcon cloud. Features frequently cut across most core OS subsystems such as file system, memory and process, and networking. You’ll get exposure to both user-level and kernel-level coding practices. Many features are built utilizing shared components across multiple platforms. You’ll collaborate with multiple teams within engineering.

You will:

  • Design and build detection logic and systems that's leveraged by other teams within CrowdStrike to detect cyber attackers and stop breaches.
  • Brainstorm, define, and build collaboratively with members across multiple teams.
  • Be unafraid to ask questions and eager to follow the best solution
  • Build elegant solutions for complex technical problems in the native languages appropriate for the host OS (generally C/C++).
  • Read code in the multiple programming languages in use in our environment (C/C++, python, and unix/windows shell scripting, among others).
  • Focus on continual learning, raising the bar for both yourself and your teammates.
  • Troubleshoot issues with the product as reported by customers, Security Response, or Product Support.
  • Able to share and receive constructive feedback with courtesy.

What You'll Need

  • Able to produce high quality software and can demonstrate that capability, be it through job experience, schoolwork, or contributions to community projects.
  • Development experience with any of: Python, C/C++, Java, or Go
  • Exposure to OS internals in Linux, Windows, or macOS, such as networking, process management, file systems, and multi-threaded development.
  • Able to communicate, collaborate, and work effectively in a distributed team.

Preferred Qualifications:

  • Prior computer and/or network security and SIEM experience.
  • Low-level (e.g. driver, kernel, firmware) experience.
  • Exposure to kernel development on any of Windows, macOS, and Linux, with an interest in growing skills in other platforms.
  • Experience responding to security events, including front-line analysis and escalation, on hacktivist, cybercrime, and APT activity.


  • Actively pursuing an undergraduate or MS degree full-time with planned graduation date within the next 9 months (Jan ‘19 - Sept '19).
  • Other technical security certifications or security-related academic background, such as coursework, projects, or capture-the-flag competitions, will be a plus.

Benefits of Working at CrowdStrike:

  • Market leader in compensation + stock options
  • Competitive vacation policy
  • Comprehensive health benefits + 401k plan (US only)
  • Paid paternity and maternity leave, including adoption
  • Flexible work hours and remote friendly environment
  • Wellness programs
  • Stocked fridges, coffee, soda, and lots of treats
  • Peer recognition
  • Inclusive culture focused on people, customers and innovation
  • Regular team activities, including happy hours, community service events 

CrowdStrike believes that diversity and inclusion among our organization is essential to our success as a global company, and we seek to attract, retain and empower the industry’s best and brightest from a diverse talent pool. 

CrowdStrike is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex including sexual orientation and gender identity, national origin, disability, protected veteran status, or any other characteristic protected by applicable federal, state, or local law.