Incident Response (DFIR) Manager
CrowdStrike is the leader in cloud-delivered next-generation endpoint protection, threat intelligence, and pre- and post-incident response services. With the ability to collect and process over 100 billion events a day, CrowdStrike has revolutionized endpoint protection by being the first and only company to unify next-generation antivirus (AV), endpoint detection and response (EDR), and a 24/7 managed hunting service — all delivered via a single lightweight agent. We are one of the World's Most 50 Innovative Companies according to MIT, and one of Forbes Most Promising Companies. Our growth and innovation are driven by incredible employees who deliver unmatched customer success.
We have received a number of exciting awards including:
- October 2018: 100 Best Medium Workplaces Second Year in a Row by Fortune magazine.
- June 2018: Closed over $200 million, led by General Atlantic, Accel
andIVP, with participation from March Capital and CapitalG (Google), achieving a valuation of more than $3 billion.
- April 2018: CrowdStrike Wins SC Award for Best Security Company Second Year in a Row.
CrowdStrike is looking for highly motivated, self-driven, technical consultants dedicated to making a difference in global security by protecting organizations against the most advanced attackers in the world. Our CrowdStrike Services team offers opportunities to expand your skill set through a wide variety of engagements including front page incident response investigations, adversary-focused penetration testing (be the adversary, don’t just run scans), and proactive and strategic assessment services for organizations you’ll find on the annual Fortune 100 list.
This position is open to candidates in Los Angeles, CA, Irvine, CA, St. Louis, MO, and Washington DC.
About the Role:
- Do you find yourself interested in and keeping up with the latest vulnerabilities and breaches?
- Are you passionate about coaching and mentorship and energized by leading highly effective teams?
- Do you crave new and innovative work that actually matters to your customer?
- Do you have an Incident Response or Information Security background that you’re not fully utilizing?
- Do you love working around like-minded, intelligent people who you can learn from and mentor on a daily basis?
- Lead a team of forensic analysts, familiar with host and/or network-based forensics across Windows, Mac, and Linux platforms.
- Can effectively communicate with executives on the topics of forensics and malware analysis
- Lead red-team, penetration testing activities by leveraging actual adversary
- Assess and develop information security and incident response programs in a proactive fashion to help mature the security posture of organizations prior to an incident.
- Lead incident response and proactive engagements.
- Produce high-quality written and verbal reports, presentations, recommendations, and findings to customer management.
- Demonstrate industry thought leadership through blog posts, CrowdCasts, and other public speaking events.
- Manage internal programs or teams.
What You'll Need:
Successful candidates will have experience in one or more of the following areas:
- Team leadership experience in a matrixed consulting environment
- Incident Response: experience conducting or managing incident response investigations for organizations, investigating targeted threats such as the Advanced Persistent Threat, Organized Crime, and
- Computer Forensic Analysis: a background using a variety of forensic analysis tools in incident response investigations to determine the extent and scope of compromise.
- Network Forensic Analysis: strong knowledge of network protocols, network analysis tools, and
abilityto perform analysis of associated network logs.
- Incident Remediation: strong understanding of targeted attacks and able to create customized tactical and strategic remediation plans for compromised organizations.
- Network Operations and Architecture/Engineering: strong understanding of secure network architecture and
strongbackground in performing network operations.
- Database and Cloud Development: knowledge in various cloud implementations such as Hadoop, ZooKeeper,
HIVE, HBASE, Elasticsearch, and other common cloud implementations.
- Programming/Scripting: experience coding in C, C#, VB, Python, Perl, Ruby on Rails, and .NET.
Additionally, all candidates must possess the following qualifications:
- Excellent project management skills.
- Strong oral and written communications skills.
- Contributing thought leader within the incident response industry.
- Ability to foster a positive work environment and attitude.
- Ability to travel on short notice, up to 50% of the time.
BA or BS / MA or MS degree in Computer Science, Computer Engineering, Math, Information Security, Information Assurance, Information Security Management, Intelligence Studies, Cybersecurity, Cybersecurity Policy, or a related field.
Benefits of Working at CrowdStrike:
- Market leader in compensation + stock options
- Competitive vacation policy
- Comprehensive health benefits.
- Paid paternity and maternity leave, including adoption
- Flexible work hours and remote friendly environment
- Wellness programs
Inclusiveculture focused on people, customers andinnovation
- Regular team activities, including happy hours, community service events
CrowdStrike believes that diversity and inclusion among our organization
CrowdStrike is an Equal Opportunity