As a global leader in cybersecurity, CrowdStrike protects the people, processes and technologies that drive modern organizations. Since 2011, our mission hasn’t changed — we’re here to stop breaches, and we’ve redefined modern security with the world’s most advanced AI-native platform. Our customers span all industries, and they count on CrowdStrike to keep their businesses running, their communities safe and their lives moving forward. We’re also a mission-driven company. We cultivate a culture that gives every CrowdStriker both the flexibility and autonomy to own their careers. We’re always looking to add talented CrowdStrikers to the team who have limitless passion, a relentless focus on innovation and a fanatical commitment to our customers, our community and each other. Ready to join a mission that matters? The future of cybersecurity starts with you.
About the Role:
As an Automation Engineer II on our Falcon Complete Managed Detection & Response (MDR) team, you will develop professional expertise in scaling our security operations through automation and AI while applying company policies and procedures to resolve a variety of automation challenges. You will build productive internal and external working relationships to support our mission of maximizing analyst efficiency through augmented detection triage, investigation, and response workflows. This role involves working on problems of moderate scope which often call for detailed analysis of situations or data, requiring review of a variety of factors. You will focus on building SOAR playbooks, AI-powered workflows, and scripted solutions while exercising judgment within defined procedures and practices, with general instructions on new assignments.
What You'll Do:
Automation Development
- Assist in building and maintaining security automation workflows and playbooks in SOAR platforms to streamline investigation, triage, and response actions
- Develop PowerShell and Python scripts for security enrichment, remediation, and basic forensic functions
- Assist with SIEM query integration into automated workflows to provide context for security investigations
AI Integration & Learning
- Learn AI workflow concepts and assist with implementation under guidance
- Apply data parsing techniques using JSON and Regular Expressions for security data manipulation
Collaboration & Innovation
- Partner with SOC analysts and engineering teams to identify high-value automation opportunities
- Proactively collaborate with Falcon Complete SOC analysts to gather feedback and identify automation opportunities
- Maintain version control of automation scripts and workflows using Git platforms
- Support initiatives to improve operational efficiency and contribute ideas for analyst productivity improvements
- Stay current with emerging technologies in SOAR, automation, and AI, and evaluate their application to MDR operations
What You'll Need:
Successful candidates will have experience in one or more of the following areas:
- 2+ years of experience in automation, scripting, or cybersecurity (relevant security experience considered)
- Proficiency with PowerShell for security investigation and response tasks
- Working knowledge of Python for automation and API integration
- Basic understanding of SIEM query languages and security analytics
- Familiarity with data formats (JSON) and Regular Expressions for data parsing
- Understanding of incident detection and response workflows in SOC/MDR environments
- Experience with version control systems (Git, GitHub, GitLab, Bitbucket)
- Self-motivated with strong initiative and ability to work independently
- Results-oriented mindset with passion for solving complex technical challenges
- Eagerness to learn emerging technologies and automation concepts
- Analytical mindset with the ability to identify and translate repetitive processes into scalable automation
- Excellent collaboration and communication skills for working across SOC, engineering, and leadership teams
Bonus Points:
- Falcon SOAR platform experience is a plus
- LogScale (formerly Humio) experience is a plus
- Basic familiarity with AI workflow frameworks and LLM integration
- Familiarity with cybersecurity frameworks (NIST, MITRE ATT&CK)
- Cloud platform experience (AWS, Azure, GCP)
- Previous SOC or security operations experience
- Experience with CrowdStrike Falcon platform and APIs
- Knowledge of generative AI concepts and basic prompt engineering
- Creative and optimistic about the potential of AI, with curiosity to experiment
- Passion for advancing the role of AI and automation in cybersecurity
****Education: ****
- BA or BS / MA or MS degree in Computer Science, Computer Engineering, Math, Information Security, Information Assurance, Information Security Management, Intelligence Studies, Cybersecurity, Cybersecurity Policy, or a related field. Applicants without a degree but with relevant work experience and/or training will be considered.
#LI-EV1
#LI-Remote
**Benefits of Working at CrowdStrike: **
- Market leader in compensation and equity awards
- Comprehensive physical and mental wellness programs
- Competitive vacation and holidays for recharge
- Paid parental and adoption leaves
- Professional development opportunities for all employees regardless of level or role
- Employee Networks, geographic neighborhood groups, and volunteer opportunities to build connections
- Vibrant office culture with world class amenities
- Great Place to Work Certified™ across the globe
CrowdStrike is proud to be an equal opportunity employer. We are committed to fostering a culture of belonging where everyone is valued for who they are and empowered to succeed. We support veterans and individuals with disabilities through our affirmative action program.
CrowdStrike is committed to providing equal employment opportunity for all employees and applicants for employment. The Company does not discriminate in employment opportunities or practices on the basis of race, color, creed, ethnicity, religion, sex (including pregnancy or pregnancy-related medical conditions), sexual orientation, gender identity, marital or family status, veteran status, age, national origin, ancestry, physical disability (including HIV and AIDS), mental disability, medical condition, genetic information, membership or activity in a local human rights commission, status with regard to public assistance, or any other characteristic protected by law. We base all employment decisions--including recruitment, selection, training, compensation, benefits, discipline, promotions, transfers, lay-offs, return from lay-off, terminations and social/recreational programs--on valid job requirements.
If you need assistance accessing or reviewing the information on this website or need help submitting an application for employment or requesting an accommodation, please contact us at recruiting@crowdstrike.com for further assistance.