Principal Threat Response Specialist, Falcon Complete (Remote, GBR)

Posted:
12/12/2024, 4:06:41 AM

Experience Level(s):
Expert or higher ⋅ Senior

Field(s):
IT & Security

Workplace Type:
Remote

As a global leader in cybersecurity, CrowdStrike protects the people, processes and technologies that drive modern organizations. Since 2011, our mission hasn’t changed — we’re here to stop breaches, and we’ve redefined modern security with the world’s most advanced AI-native platform. Our customers span all industries, and they count on CrowdStrike to keep their businesses running, their communities safe and their lives moving forward. We’re also a mission-driven company. We cultivate an inclusive culture that gives every CrowdStriker both the flexibility and autonomy to own their careers. We’re always looking to add talented CrowdStrikers to the team who have limitless passion, a relentless focus on innovation and a fanatical commitment to our customers, our community and each other. Ready to join a mission that matters? The future of cybersecurity starts with you.

About the Role:

We are seeking a highly skilled and experienced Principal Threat Response Specialist to join our Falcon Complete Managed Detection and Response (MDR) team. The successful candidate will focus on enabling and supporting our security analysts with specialized knowledge across the spectrum of Falcon Complete support modules. As a Principal Threat Response Specialist, you will play a crucial role in leading efforts to enhance our detection and response capabilities, providing expert guidance on current and emerging security issues, and ensuring our team is equipped to handle threats effectively.

What You’ll Do:

  • Playbook Development: Establish and maintain comprehensive response playbooks across various security domains: endpoint, identity, cloud, email, network, and more. Ensure that response playbooks are up-to-date with the latest security threats and technological advancements. Collaborate with Falcon Complete Response Engineers to develop SOAR actions for these in the Falcon platform.

  • Emerging Threat Response: Stay up to date on emerging threats and threat actors. Lead initiatives to proactively identify, assess, and mitigate new and evolving threat campaigns. Collaborate with CrowdStrike threat intelligence teams to integrate the latest threat data into the Falcon Complete threat response program.

  • Expert Support: Serve as the go-to expert on emerging threats facing the Falcon Complete team. Collaborate with security analysts during incident investigations, providing expert insight into emerging and novel threat vectors and remediation strategies across Endpoint, Identity, Cloud, and supported NG-SIEM technologies.

  • Threat Detection Enablement: Assist in developing and fine-tuning detection mechanisms and use cases for Endpoint, Identity, and supported NG-SIEM integrations.

  • Knowledge Sharing: Educate and mentor security analysts on emerging and topical threats, security solution best practices, and effective response techniques.

What You’ll Need:

  • Experience: Minimum of 7 years of experience in a response or research focused security role, with at least 5 years focused on supporting Incident Response, security operations or MDR teams.

  • Incident Handling: Experience conducting or managing incident response for organizations, investigating targeted threats such as the Advanced Persistent Threat, Organized Crime, and Hacktivists.

  • Incident Remediation: Strong understanding of targeted attacks and the ability to create customized tactical and strategic remediation plans for compromised organizations.

  • Experience utilizing cyber Threat Intelligence in a security operations environment.

  • Deep understanding of how attack vectors manifest in EDR and SIEM telemetry/logs and how to investigate them.

  • Experience with SIEM and SOAR technologies.

  • Knowledge of automation tools and scripting languages (e.g., Python, PowerShell).

Benefits of Working at CrowdStrike:

  • Remote-friendly and flexible work culture

  • Market leader in compensation and equity awards

  • Comprehensive physical and mental wellness programs

  • Competitive vacation and holidays for recharge

  • Paid parental and adoption leaves

  • Professional development opportunities for all employees regardless of level or role

  • Employee Resource Groups, geographic neighbourhood groups and volunteer opportunities to build connections

  • Vibrant office culture with world class amenities

  • Great Place to Work Certified™ across the globe

CrowdStrike is proud to be an equal opportunity and affirmative action employer. We are committed to fostering a culture of belonging where everyone is valued for who they are and empowered to succeed. Our approach to cultivating a diverse, equitable, and inclusive culture is rooted in listening, learning and collective action. By embracing the diversity of our people, we achieve our best work and fuel innovation - generating the best possible outcomes for our customers and the communities they serve.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. If you need assistance accessing or reviewing the information on this website or need help submitting an application for employment or requesting an accommodation, please contact us at [email protected] for further assistance.

CrowdStrike

Website: https://www.crowdstrike.com/

Headquarters Location: Sunnyvale, California, United States

Employee Count: 5001-10000

Year Founded: 2011

IPO Status: Public

Last Funding Type: Post-IPO Equity

Industries: Artificial Intelligence (AI) ⋅ Cloud Data Services ⋅ Cloud Security ⋅ Cyber Security ⋅ Network Security