What you'd actually do

Support Incident Response lifecycle via triage and investigation of detections and take action as appropriate (e.g. live response, containment, escalation, etc.)

Develop detection criteria across a broad range of technologies and log sources

Identify coverage and efficiency gaps in available data and tooling

Provide information security reporting including security metrics as required

Participate in incident response and manage escalations as needed

Skills

Required

Experience responding to security events, including front-line analysis and escalation, of hacktivist, cybercrime, and APT activity
Theoretical and practical knowledge with Mac, Linux, and Windows operating systems
Theoretical and practical knowledge with TCP/IP networking and application layers
Experience with access/application/system log analysis, IDS/IPS alerting and data flow, and SIEM-based workflows
Experience with security data collection, processing, and correlation
Capable of completing technical tasks without supervision
Desire to grow and expand both technical and soft skills
Strong project management skills
Contributing thought leader within the incident response industry
Ability to foster a positive work environment and attitude
Meets DoD SkillBridge Qualifications
Current Active Duty Service Member
Available to participate 90-180 days
This role is only open to US citizens and Green Card holders.
US Citizenship required due to direct work related to GovCloud

Nice to have

Scripting experience highly desirable (Python, Perl, Bash, Power Shell, etc.)
Experienced user of Splunk
Experience with host and network forensics
Experience with basic static and behavioral malware analysis
Previous project management experience desirable
Applicable security certifications (GCIA, GCIH, GCFA, GNFA, etc.)

As a global leader in cybersecurity, CrowdStrike protects the people, processes and technologies that drive modern organizations. Since 2011, our mission hasn’t changed — we’re here to stop breaches, and we’ve redefined modern security with the world’s most advanced AI-native platform. Our customers span all industries, and they count on CrowdStrike to keep their businesses running, their communities safe and their lives moving forward. We’re also a mission-driven company. We cultivate an inclusive culture that gives every CrowdStriker both the flexibility and autonomy to own their careers. We’re always looking to add talented CrowdStrikers to the team who have limitless passion, a relentless focus on innovation and a fanatical commitment to our customers, our community and each other. Ready to join a mission that matters? The future of cybersecurity starts with you.

About the Role:

This Job Description is for DoD SkillBridge participation and is not eligible for direct hire.

CrowdStrike is looking for a highly motivated, self-driven Incident Response Analyst to support the Incident Response lifecycle via triage and investigation of detections and take action as appropriate (e.g. live response, containment, escalation, etc). This role is within our CSIRT team and is a remote position available to qualifying service members currently residing in the US.

CrowdStrike’s DoD SkillBridge / Career Skills Program (CSP) Internship is an approved SkillBridgeProgram under Dept. of Defense Instruction 1322.29 as enacted by 10 U.S.C. Sec 1143. Eligibility is restricted to members of the U.S. Armed Forces separating honorably with greater than 180 days of continuous Active Duty. SkillBridge/CSP period of eligibility is within the final 180 days of Active Duty service, and the SkillBridge/CSP must be completed prior to separation from Active Duty in the U.S. Armed Forces.

CrowdStrike’s DoD SkillBridge/CSP Internship is open to members of all services, and all ranks and experience levels. Service members should fully review SkillBridge/CSP Job Description for requirements and qualifications of the individual position.

SkillBridge participants participate in full time training with industry (40-hour work week) under permissive temporary duty military orders and are not eligible for compensation from CrowdStrike during SkillBridge participation, but will continue to receive all military wages and benefits as defined by the Department of Defense.

DoD SkillBridge/CSP is fully compliant with FLSA, DBA, SCA, CSHSSA and all other pertinent Federal and State labor laws. For more employer information regarding DoD SkillBridge/CSP, please visit the Department of Defense DoD SkillBridge website at https://skillbridge.osd.mil/

What You’ll Do:

Support Incident Response lifecycle via triage and investigation of detections and take action as appropriate (e.g. live response, containment, escalation, etc.)
Develop detection criteria across a broad range of technologies and log sources
Identify coverage and efficiency gaps in available data and tooling
Provide information security reporting including security metrics as required
Participate in incident response and manage escalations as needed
Provide after-hours support on an on-demand basis
Drive efficient process development and documentation for all aspects of the Incident Response lifecycle

What You’ll Need:

Experience responding to security events, including front-line analysis and escalation, of hacktivist, cybercrime, and APT activity
Theoretical and practical knowledge with Mac, Linux, and Windows operating systems
Theoretical and practical knowledge with TCP/IP networking and application layers
Experience with access/application/system log analysis, IDS/IPS alerting and data flow, and SIEM-based workflows
Experience with security data collection, processing, and correlation

Additionally, all candidates must possess the following qualifications:

Capable of completing technical tasks without supervision
Desire to grow and expand both technical and soft skills
Strong project management skills
Contributing thought leader within the incident response industry
Ability to foster a positive work environment and attitude

Requirements:

Meets DoD SkillBridge Qualifications
Current Active Duty Service Member
Available to participate 90-180 days
This role is only open to US citizens and Green Card holders.

Preferred Skills:

Scripting experience highly desirable (Python, Perl, Bash, Power Shell, etc.)
Experienced user of Splunk
Experience with host and network forensics
Experience with basic static and behavioral malware analysis
Previous project management experience desirable

Education:

Pursuing an undergraduate degree or direct experience in information security, information systems, or computer science
Applicable security certifications (GCIA, GCIH, GCFA, GNFA, etc.)
US Citizenship required due to direct work related to GovCloud

#LI-AM2

#LI-Remote

CrowdStrike is proud to be an equal opportunity employer. We are committed to fostering a culture of belonging where everyone is valued for who they are and empowered to succeed. We support veterans and individuals with disabilities through our affirmative action program.

CrowdStrike is committed to providing equal employment opportunity for all employees and applicants for employment. The Company does not discriminate in employment opportunities or practices on the basis of race, color, creed, ethnicity, religion, sex (including pregnancy or pregnancy-related medical conditions), sexual orientation, gender identity, marital or family status, veteran status, age, national origin, ancestry, physical disability (including HIV and AIDS), mental disability, medical condition, genetic information, membership or activity in a local human rights commission, status with regard to public assistance, or any other characteristic protected by law. We base all employment decisions--including recruitment, selection, training, compensation, benefits, discipline, promotions, transfers, lay-offs, return from lay-off, terminations and social/recreational programs--on valid job requirements.

If you need assistance accessing or reviewing the information on this website or need help submitting an application for employment or requesting an accommodation, please contact us at recruiting@crowdstrike.com for further assistance.