As a global leader in cybersecurity, CrowdStrike protects the people, processes and technologies that drive modern organizations. Since 2011, our mission hasn’t changed — we’re here to stop breaches, and we’ve redefined modern security with the world’s most advanced AI-native platform. Our customers span all industries, and they count on CrowdStrike to keep their businesses running, their communities safe and their lives moving forward. We’re also a mission-driven company. We cultivate a culture that gives every CrowdStriker both the flexibility and autonomy to own their careers. We’re always looking to add talented CrowdStrikers to the team who have limitless passion, a relentless focus on innovation and a fanatical commitment to our customers, our community and each other. Ready to join a mission that matters? The future of cybersecurity starts with you.

About the Role

CrowdStrike's Product Abuse team sits at the intersection of threat intelligence, detection engineering, and platform security — defending the Falcon platform against sophisticated adversaries. As a Sr. Engineer, you'll lead threat hunting operations, architect detection and prevention capabilities, and drive security enhancements across our product portfolio. You'll operate at both strategic and tactical levels alongside a close-knit team of industry-leading engineers, with direct and measurable impact on CrowdStrike's security posture at global scale.

What You'll Do

Lead threat hunting operations against emergent threat activity involving platform misuse — to determine impact and drive resolution
Design and implement monitoring solutions to detect anomalies and potential abuse across external-facing services, APIs, and authentication surfaces
Lead technical aspects of incident response, including attack vector analysis, countermeasure implementation, and post-incident review
Develop automation and purpose-built tooling to streamline detection, mitigation, and reporting workflows
Instrument event-driven tooling to drive hunting efficiency and proactive prevention of evolving TTPs
Conduct regular security assessments and testing simulations targeting external attack surfaces and abuse vectors
Advocate for and drive product security enhancements across the Falcon platform, influencing engineering teams to build abuse resistance into the product
Implement and refine logging strategies to enhance visibility into potential abuse scenarios across cloud-native infrastructure
Contribute to roadmap and strategic planning for abuse prevention, balancing proactive and reactive capabilities
Support follow-the-sun operational coverage as part of a globally distributed team

What You Need:

Motivated self-starter with 7+ years of experience in a cybersecurity engineering or threat intelligence environment, with a significant focus on threat hunting, attack mitigation, and tooling
Proficiency in security automation and tool development
Practical experience with cloud computing platform security services — particularly as they relate to infrastructure protection, identity and access management, and continuous monitoring
Deep familiarity with abuse-relevant attack patterns including credential stuffing, account takeover, API abuse, trial fraud, and adversarial misuse of security tooling
Ability to identify when external-facing services are exceeding baselines and correlate deviations with potential attack indicators
Comprehensive understanding of TTPs employed by threat actors and the evolving threat landscape, including nation-state and eCrime actors
Passionate about taking initiative to identify and develop enrichments and enhanced visibility
Enthusiasm for collaboration across functional teams — including Product & Engineering — to drive platform-wide abuse resistance

Bonus Points:

Experience leveraging AI coding assistants and LLM-based tools as a force multiplier — accelerating tooling development, detection engineering, and automation at a pace beyond traditional workflows
Experience applying data science techniques — such as machine learning, neural networks, or streaming anomaly detection — to generate threat signals, identify behavioral outliers, or integrate disparate datasets at enterprise scale
Experience with front-end UI design, including contributions to large and complex codebases using HTML5, JavaScript, React, or similar technologies
Experience with SIEM platforms (e.g., LogScale) for large-scale threat hunting and detection engineering
Experience with identity and authentication systems, including OAuth, SAML, MFA bypass techniques, and session abuse patterns
Expertise in designing and implementing robust network and cloud security measures, and comprehensive logging and monitoring for threat detection and incident response
Experience operating in or supporting a follow-the-sun security operations model
Strong background in OSINT, cybercrime investigations, or intelligence collection involving complex adversarial networks
Background in trust and safety, fraud detection, or abuse engineering at a SaaS or cloud platform
Familiarity with the CrowdStrike Falcon platform and its sensor, cloud, and API architecture

Soft Skills

Exceptional problem-solving abilities with a methodical approach to complex, ambiguous security challenges
Strong written and verbal communication skills for both technical and non-technical audiences, including executive stakeholders
Self-motivated with the ability to work independently and as part of a globally distributed, collaborative team
Excellent time management and ability to prioritize effectively under pressure
Passion for continuous learning and staying current with emerging threats, adversary tradecraft, and the abuse landscape

#LI-Remote #LI-CS1

Benefits of Working at CrowdStrike:

Market leader in compensation and equity awards
Comprehensive physical and mental wellness programs
Competitive vacation and holidays for recharge
Paid parental and adoption leaves
Professional development opportunities for all employees regardless of level or role
Employee Networks, geographic neighborhood groups, and volunteer opportunities to build connections
Vibrant office culture with world class amenities
Great Place to Work Certified™ across the globe

CrowdStrike is proud to be an equal opportunity employer. We are committed to fostering a culture of belonging where everyone is valued for who they are and empowered to succeed. We support veterans and individuals with disabilities through our affirmative action program.

CrowdStrike is committed to providing equal employment opportunity for all employees and applicants for employment. The Company does not discriminate in employment opportunities or practices on the basis of race, color, creed, ethnicity, religion, sex (including pregnancy or pregnancy-related medical conditions), sexual orientation, gender identity, marital or family status, veteran status, age, national origin, ancestry, physical disability (including HIV and AIDS), mental disability, medical condition, genetic information, membership or activity in a local human rights commission, status with regard to public assistance, or any other characteristic protected by law. We base all employment decisions--including recruitment, selection, training, compensation, benefits, discipline, promotions, transfers, lay-offs, return from lay-off, terminations and social/recreational programs--on valid job requirements.

If you need assistance accessing or reviewing the information on this website or need help submitting an application for employment or requesting an accommodation, please contact us at recruiting@crowdstrike.com for further assistance.

Find out more about your rights as an applicant.

CrowdStrike participates in the E-Verify program.

Notice of E-Verify Participation

Right to Work

CrowdStrike, Inc. is committed to fair and equitable compensation practices. Placement within the pay range is dependent on a variety of factors including, but not limited to, relevant work experience, skills, certifications, job level, supervisory status, and location. The base salary range for this position for all U.S. candidates is $120,000 - $180,000 per year, with eligibility for bonuses, equity grants and a comprehensive benefits package that includes health insurance, 401k and paid time off.

For detailed information about the U.S. benefits package, please click here.

Expected Close Date of Job Posting is:07-28-2026

About the Role

What You'll Do

Lead threat hunting operations against emergent threat activity involving platform misuse — to determine impact and drive resolution
Design and implement monitoring solutions to detect anomalies and potential abuse across external-facing services, APIs, and authentication surfaces
Lead technical aspects of incident response, including attack vector analysis, countermeasure implementation, and post-incident review
Develop automation and purpose-built tooling to streamline detection, mitigation, and reporting workflows
Instrument event-driven tooling to drive hunting efficiency and proactive prevention of evolving TTPs
Conduct regular security assessments and testing simulations targeting external attack surfaces and abuse vectors
Advocate for and drive product security enhancements across the Falcon platform, influencing engineering teams to build abuse resistance into the product
Implement and refine logging strategies to enhance visibility into potential abuse scenarios across cloud-native infrastructure
Contribute to roadmap and strategic planning for abuse prevention, balancing proactive and reactive capabilities
Support follow-the-sun operational coverage as part of a globally distributed team

What You Need:

Motivated self-starter with 7+ years of experience in a cybersecurity engineering or threat intelligence environment, with a significant focus on threat hunting, attack mitigation, and tooling
Proficiency in security automation and tool development
Practical experience with cloud computing platform security services — particularly as they relate to infrastructure protection, identity and access management, and continuous monitoring
Deep familiarity with abuse-relevant attack patterns including credential stuffing, account takeover, API abuse, trial fraud, and adversarial misuse of security tooling
Ability to identify when external-facing services are exceeding baselines and correlate deviations with potential attack indicators
Comprehensive understanding of TTPs employed by threat actors and the evolving threat landscape, including nation-state and eCrime actors
Passionate about taking initiative to identify and develop enrichments and enhanced visibility
Enthusiasm for collaboration across functional teams — including Product & Engineering — to drive platform-wide abuse resistance

Bonus Points:

Experience leveraging AI coding assistants and LLM-based tools as a force multiplier — accelerating tooling development, detection engineering, and automation at a pace beyond traditional workflows
Experience applying data science techniques — such as machine learning, neural networks, or streaming anomaly detection — to generate threat signals, identify behavioral outliers, or integrate disparate datasets at enterprise scale
Experience with front-end UI design, including contributions to large and complex codebases using HTML5, JavaScript, React, or similar technologies
Experience with SIEM platforms (e.g., LogScale) for large-scale threat hunting and detection engineering
Experience with identity and authentication systems, including OAuth, SAML, MFA bypass techniques, and session abuse patterns
Expertise in designing and implementing robust network and cloud security measures, and comprehensive logging and monitoring for threat detection and incident response
Experience operating in or supporting a follow-the-sun security operations model
Strong background in OSINT, cybercrime investigations, or intelligence collection involving complex adversarial networks
Background in trust and safety, fraud detection, or abuse engineering at a SaaS or cloud platform
Familiarity with the CrowdStrike Falcon platform and its sensor, cloud, and API architecture

Soft Skills

Exceptional problem-solving abilities with a methodical approach to complex, ambiguous security challenges
Strong written and verbal communication skills for both technical and non-technical audiences, including executive stakeholders
Self-motivated with the ability to work independently and as part of a globally distributed, collaborative team
Excellent time management and ability to prioritize effectively under pressure
Passion for continuous learning and staying current with emerging threats, adversary tradecraft, and the abuse landscape

#LI-Remote #LI-CS1

Benefits of Working at CrowdStrike:

Market leader in compensation and equity awards
Comprehensive physical and mental wellness programs
Competitive vacation and holidays for recharge
Paid parental and adoption leaves
Professional development opportunities for all employees regardless of level or role
Employee Networks, geographic neighborhood groups, and volunteer opportunities to build connections
Vibrant office culture with world class amenities
Great Place to Work Certified™ across the globe

Find out more about your rights as an applicant.

CrowdStrike participates in the E-Verify program.

Notice of E-Verify Participation

Right to Work

For detailed information about the U.S. benefits package, please click here.

Expected Close Date of Job Posting is:07-28-2026

Sr. Engineer- Product Abuse (remote)

What you'd actually do

Skills

Required

Nice to have

What the JD emphasized

About the Role

What You'll Do

Soft Skills

About the Role

What You'll Do

Soft Skills