What you'd actually do

Emerging Threat Response: Stay up to date on emerging threats and threat actors. Contribute to initiatives to proactively identify, assess, and mitigate new and evolving threat campaigns. Collaborate with CrowdStrike threat intelligence teams to integrate the latest threat data into the Falcon Complete threat response program.

Threat Detection Enablement: Use threat research to fuel the detection engineering team for developing and fine-tuning detection mechanisms on Endpoint, Identity, Cloud, and supported NG-SIEM integrations.

Expert Support: Serve as the go-to expert on emerging threats facing the Falcon Complete team. Collaborate with security analysts during incident investigations into novel threats, providing expert insight and threat knowledge across Endpoint, Identity, Cloud, and supported NG-SIEM technologies.

Knowledge Sharing: Educate and advise security analysts, detection engineers, intelligence analysts, and automation/AI engineers on emerging and topical threats, security solution best practices, and effective response techniques.

Knowledge Base Development: Contribute to efforts to enhance the organizational knowledge base to support Managed Detection and Response. Establish and maintain comprehensive response knowledge artifacts across various security domains and ensure that these are up-to-date with the latest security threats and technological advancements. Collaborate with other teams within the Falcon Complete Security Engineering organization to ensure these are delivered to security analysts in the most effective way possible (e.g. integration with artificial intelligence systems or other existing tooling, wiki based knowledge articles, or used for automation opportunities).

Skills

Required

Minimum of 5 years of experience in a response or research focused security role
at least 3 years focused on supporting Incident Response, security operations or MDR teams
Incident Handling: experience conducting or managing incident response for organizations, investigating targeted threats such as the Advanced Persistent Threat, Organized Crime, and Hacktivists.
Threat Research: experience performing threat research to identify and cluster campaigns and emerging threats
Incident Remediation: strong understanding of targeted attacks and able to create customized tactical and strategic remediation plans for compromised organizations.
Significant experience utilizing cyber threat intelligence in a security operations environment
Deep understanding of how attack vectors manifest in EDR and SIEM telemetry/logs and how to investigate them.
Knowledge of automation tools and scripting languages (e.g., Python, PowerShell)
Experience using AI and automation tooling in an operational and intelligence capacity.

Nice to have

AI engineers

As a global leader in cybersecurity, CrowdStrike protects the people, processes and technologies that drive modern organizations. Since 2011, our mission hasn’t changed — we’re here to stop breaches, and we’ve redefined modern security with the world’s most advanced AI-native platform. Our customers span all industries, and they count on CrowdStrike to keep their businesses running, their communities safe and their lives moving forward. We’re also a mission-driven company. We cultivate a culture that gives every CrowdStriker both the flexibility and autonomy to own their careers. We’re always looking to add talented CrowdStrikers to the team who have limitless passion, a relentless focus on innovation and a fanatical commitment to our customers, our community and each other. Ready to join a mission that matters? The future of cybersecurity starts with you.

About the Role:

We are seeking a highly skilled and experienced Senior Threat Response Specialist to join our Falcon Complete Managed Detection and Response (MDR) team within its Security Engineering organization. The successful candidate will focus on enabling and supporting our security analysts with specialized knowledge across the spectrum of Falcon Complete support modules. As a Senior Threat Response Specialist, you will play a crucial role in enhancing our detection and response capabilities, providing expert guidance on current and emerging security issues, and ensuring our team is equipped to handle threats effectively.

What You'll Do:

Emerging Threat Response: Stay up to date on emerging threats and threat actors. Contribute to initiatives to proactively identify, assess, and mitigate new and evolving threat campaigns. Collaborate with CrowdStrike threat intelligence teams to integrate the latest threat data into the Falcon Complete threat response program.
Threat Detection Enablement: Use threat research to fuel the detection engineering team for developing and fine-tuning detection mechanisms on Endpoint, Identity, Cloud, and supported NG-SIEM integrations.
Expert Support: Serve as the go-to expert on emerging threats facing the Falcon Complete team. Collaborate with security analysts during incident investigations into novel threats, providing expert insight and threat knowledge across Endpoint, Identity, Cloud, and supported NG-SIEM technologies.
Knowledge Sharing: Educate and advise security analysts, detection engineers, intelligence analysts, and automation/AI engineers on emerging and topical threats, security solution best practices, and effective response techniques.
Knowledge Base Development: Contribute to efforts to enhance the organizational knowledge base to support Managed Detection and Response. Establish and maintain comprehensive response knowledge artifacts across various security domains and ensure that these are up-to-date with the latest security threats and technological advancements. Collaborate with other teams within the Falcon Complete Security Engineering organization to ensure these are delivered to security analysts in the most effective way possible (e.g. integration with artificial intelligence systems or other existing tooling, wiki based knowledge articles, or used for automation opportunities).

What You'll Need:

Experience: Minimum of 5 years of experience in a response or research focused security role, with at least 3 years focused on supporting Incident Response, security operations or MDR teams.
Incident Handling: experience conducting or managing incident response for organizations, investigating targeted threats such as the Advanced Persistent Threat, Organized Crime, and Hacktivists.
Threat Research: experience performing threat research to identify and cluster campaigns and emerging threats
Incident Remediation: strong understanding of targeted attacks and able to create customized tactical and strategic remediation plans for compromised organizations.
Significant experience utilizing cyber threat intelligence in a security operations environment
Deep understanding of how attack vectors manifest in EDR and SIEM telemetry/logs and how to investigate them.
Knowledge of automation tools and scripting languages (e.g., Python, PowerShell)
Experience using AI and automation tooling in an operational and intelligence capacity.

#LI-BS1

#LI-Remote

**Benefits of Working at CrowdStrike: **

Market leader in compensation and equity awards
Comprehensive physical and mental wellness programs
Competitive vacation and holidays for recharge
Paid parental and adoption leaves
Professional development opportunities for all employees regardless of level or role
Employee Networks, geographic neighborhood groups, and volunteer opportunities to build connections
Vibrant office culture with world class amenities
Great Place to Work Certified™ across the globe

CrowdStrike is proud to be an equal opportunity employer. We are committed to fostering a culture of belonging where everyone is valued for who they are and empowered to succeed. We support veterans and individuals with disabilities through our affirmative action program.

CrowdStrike is committed to providing equal employment opportunity for all employees and applicants for employment. The Company does not discriminate in employment opportunities or practices on the basis of race, color, creed, ethnicity, religion, sex (including pregnancy or pregnancy-related medical conditions), sexual orientation, gender identity, marital or family status, veteran status, age, national origin, ancestry, physical disability (including HIV and AIDS), mental disability, medical condition, genetic information, membership or activity in a local human rights commission, status with regard to public assistance, or any other characteristic protected by law. We base all employment decisions--including recruitment, selection, training, compensation, benefits, discipline, promotions, transfers, lay-offs, return from lay-off, terminations and social/recreational programs--on valid job requirements.

If you need assistance accessing or reviewing the information on this website or need help submitting an application for employment or requesting an accommodation, please contact us at recruiting@crowdstrike.com for further assistance.