Cloud Red Teamer

As a global leader in cybersecurity, CrowdStrike protects the people, processes and technologies that drive modern organizations. Since 2011, our mission hasn’t changed — we’re here to stop breaches, and we’ve redefined modern security with the world’s most advanced AI-native platform. Our customers span all industries, and they count on CrowdStrike to keep their businesses running, their communities safe and their lives moving forward. We’re also a mission-driven company. We cultivate a culture that gives every CrowdStriker both the flexibility and autonomy to own their careers. We’re always looking to add talented CrowdStrikers to the team who have limitless passion, a relentless focus on innovation and a fanatical commitment to our customers, our community and each other. Ready to join a mission that matters? The future of cybersecurity starts with you.

Malware Research Center:

The CrowdStrike Malware Research Center (MRC) is at the core of Falcon’s malware detection and response capabilities. The team focuses on understanding the threat landscape and sets the target for what Falcon should be detecting and preventing. Additionally, the MRC is responsible for understanding our capabilities and mapping how well our machine learning and behavioral protection capabilities are doing against those threats. Where there is a gap, the MRC takes action to improve our detection stance and overall protection story. There are many parts of CrowdStrike working towards protecting customer environments and the MRC works across all of them to ensure we are on target and providing the best protection for the current threat landscape.

About the Role:

The Sr. Cloud Red Team Engineer will work on a team dedicated to performing adversarial activities, with this role specifically focusing on Cloud environments. As part of the team, you will emulate known threat actors' TTPs in cloud and hybrid environments, evaluate advanced cloud specific techniques and improve CrowdStrike's Falcon platform security capabilities.

What You’ll Do:

• Design and execute adversarial emulations across cloud and hybrid environments, with emphasis on AWS.

• Replicate and implement malware and evasion techniques.

• Perform security assessments of cloud architectures and services.

• Create and maintain attack frameworks and automation tools.

• Document and report findings to both technical and management audiences.

• Work with a wide team and assist in developing and improving Falcon’s effectiveness.

What You'll Need:

• Deep expertise in AWS services, architecture, and security controls.

• 5+ years of experience in Cloud Security and Red Team operations.

• Strong understanding of cloud attack vectors (IAM exploitation, serverless attacks, container escape, etc.).

• Experience with EDR bypass and tampering.

• Advanced knowledge of operating system internals (Windows, Linux, macOS).

• Experience in one or more high level programming languages (C/C++, Rust, .Net, Go, etc) and low-level programming languages.

• Experience with reverse engineering toolsets (IDA, Ghidra, windbg, gdb, etc.).

• Experience with the MITRE ATT&CK Framework.

• Security community participation (conference speaker, tool development contributor, blog posts) is valued.

• Desirable Certifications: AWS Certified Security - Specialty certification, Additional AWS certifications (Solutions Architect, DevOps Engineer), OSCP, OSWE, OSEP.

#LI-Remote
#LI-RC1

#LI-KM1

Benefits of Working at CrowdStrike:

• Remote-friendly and flexible work culture

• Market leader in compensation and equity awards

• Comprehensive physical and mental wellness programs 

• Competitive vacation and holidays for recharge  

• Paid parental and adoption leaves

• Professional development opportunities for all employees regardless of level or role

• Employee Resource Groups, geographic neighbourhood groups and volunteer opportunities to build connections

• Vibrant office culture with world class amenities

• Great Place to Work Certified™ across the globe

Right to Work