Penetration Test Engineer

2 Months ago • 2 Years + • Testing

Job Summary

Job Description

As a Penetration Test Engineer at CrowdStrike, you will be responsible for developmental and operational penetration testing for products and online properties. This includes performing comprehensive assessments, managing the lifecycle of findings, working with various business units, and advocating for security best practices. The role requires expertise in manual and automated web application penetration testing, knowledge of network protocols, and the ability to work in a complex distributed environment. You will be expected to identify vulnerabilities, drive their remediation, and ensure the organization's security posture is maintained. You will be working remotely with teammates across the organization and maintain healthy working relationships.
Must have:
  • Expertise in manual and automated web application penetration testing.
  • Knowledge of server and client operating systems.
  • Understanding of networking, cryptography, web applications, databases, and wireless technologies.
  • Ability to prioritize and drive findings to remediation.
  • Experience with Mac, Windows, Linux, or Unix-like variants.
  • Understanding of TCP, UDP, HTTP, IP, and other network protocols.
  • Ability to triage vulnerabilities using CVSS calculators.
  • Ability to work independently.
  • Proactive problem-solving attitude.
  • Up-to-date knowledge of current vulnerabilities.
  • Ability to automate and script tasks using a preferred language.
  • Ability to work remotely with teammates.
Good to have:
  • Familiarity with the OWASP Top 10 list.
  • Experience working with cloud technologies.
  • Familiarity with threat actor tools, techniques, and procedures (TTPs).
  • Experience executing email phishing campaigns.
  • Ability to utilize and write scripts against common web APIs.
  • Knowledge of cloud platforms and concurrent systems.
  • Knowledge of build pipelines and CI tools.
  • Clear and efficient communication skills.
  • Ability to create slide decks.
  • Technical security certifications or academic background.
  • CVEs or bug bounty rewards.
  • Documented CTF write-ups or victories.
  • Hacker or professional group affiliations.
Perks:
  • Remote-friendly and flexible work culture
  • Market leader in compensation and equity awards
  • Comprehensive physical and mental wellness programs
  • Competitive vacation and holidays for recharge
  • Paid parental and adoption leaves
  • Professional development opportunities
  • Employee Resource Groups, geographic neighborhood groups and volunteer opportunities
  • Vibrant office culture with world class amenities
  • Great Place to Work Certified™ across the globe

Job Details

As a global leader in cybersecurity, CrowdStrike protects the people, processes and technologies that drive modern organizations. Since 2011, our mission hasn’t changed — we’re here to stop breaches, and we’ve redefined modern security with the world’s most advanced AI-native platform. Our customers span all industries, and they count on CrowdStrike to keep their businesses running, their communities safe and their lives moving forward. We’re also a mission-driven company. We cultivate a culture that gives every CrowdStriker both the flexibility and autonomy to own their careers. We’re always looking to add talented CrowdStrikers to the team who have limitless passion, a relentless focus on innovation and a fanatical commitment to our customers, our community and each other. Ready to join a mission that matters? The future of cybersecurity starts with you.

About the Role:

Good at breaking things? This job is for you! This position is responsible for developmental and operational penetration testing for our product and all our online properties.

This position requires someone with expertise in manual and automated web application penetration testing with the knowledge needed to breach security defenses. The ideal candidate will have at least two years of experience performing penetration tests using a mix of commercially available, open source, and personally built tools. A solid understanding of network protocols, server and web application weaknesses is also needed. The successful candidate will also have good communication skills and will provide a high level of security expertise to the company while working in a complex distributed environment.

What You'll Do:

  • Perform comprehensive penetration testing assessments across the organization.

  • Manage the entire lifecycle of penetration testing findings from discovery, triage, advising, remediation, and validation.

  • Work with various different business units to perform penetration testing assessments on systems or applications before go live rollouts.

  • Examine systems and applications to assess the current security posture.

  • Manage penetration testing related tickets to ensure issues are remediated within proper timelines.

  • Advocate for security best practices across the organization.

What You'll Need:

  • Advanced knowledge of server and client operating systems.

  • Extensive computer skills and an understanding of networking, cryptography, web applications, databases, and wireless technologies.

  • Ability to prioritize impactful findings and drive these items to remediation.

  • Experience working with Mac, Windows, Linux and/or other Unix-like variants.

  • Extensive understanding of TCP, UDP, HTTP, IP and other network protocols.

  • A detailed understanding of how to triage vulnerabilities using CVSS calculators and the ability to validate security related findings.

  • Possess the ability to work independently.

  • Proactive go-getter attitude to solve challenging problems.

  • Stays up to date with current vulnerabilities and vulnerability related news in various industries.

  • Ability to automate and script tasks using your preferred language (e.g. GoLang, Python, Ruby, Perl, BASH).

  • The ability to work remotely with teammates across the organization and maintain healthy working relationships.

Bonus Points:

  • Familiarity with the OWASP Top 10 list

  • Experience working with cloud technologies (AWS, GCP, Azure, Kubernetes or docker), infrastructure as code tools (e.g., Terraform, Ansible), and/or container technologies

  • Familiarity with common threat actor tools, techniques, and procedures (TTPs), attack kill chains, and security control evasion.

  • Experience executing effective email phishing campaigns with custom domains, website hosting, payload delivery, credential harvesting, and additional components in this area.

  • Ability to utilize and write scripts against common web APIs (REST, SOAP).

  • Knowledge of cloud platforms and highly concurrent systems.

  • Knowledge of build pipelines and CI tools.

  • You’re a clear thinker and efficient communicator (i.e. written and verbal).

  • Ability to create elegant looking slide decks.

  • Technical security certifications or academic background are a plus.

  • CVEs or bug bounty rewards.

  • Documented CTF write-ups or victories.

  • Hacker or professional group affiliations.

#LI-EV1

#LI-Remote

Benefits of Working at CrowdStrike:

  • Remote-friendly and flexible work culture

  • Market leader in compensation and equity awards

  • Comprehensive physical and mental wellness programs

  • Competitive vacation and holidays for recharge

  • Paid parental and adoption leaves

  • Professional development opportunities for all employees regardless of level or role

  • Employee Resource Groups, geographic neighbourhood groups and volunteer opportunities to build connections

  • Vibrant office culture with world class amenities

  • Great Place to Work Certified™ across the globe

CrowdStrike is proud to be an equal opportunity employer. We are committed to fostering a culture of belonging where everyone is valued for who they are and empowered to succeed. We support veterans and individuals with disabilities through our affirmative action program.

CrowdStrike is committed to providing equal employment opportunity for all employees and applicants for employment. The Company does not discriminate in employment opportunities or practices on the basis of race, color, creed, ethnicity, religion, sex (including pregnancy or pregnancy-related medical conditions), sexual orientation, gender identity, marital or family status, veteran status, age, national origin, ancestry, physical disability (including HIV and AIDS), mental disability, medical condition, genetic information, membership or activity in a local human rights commission, status with regard to public assistance, or any other characteristic protected by law. We base all employment decisions--including recruitment, selection, training, compensation, benefits, discipline, promotions, transfers, lay-offs, return from lay-off, terminations and social/recreational programs--on valid job requirements.

If you need assistance accessing or reviewing the information on this website or need help submitting an application for employment or requesting an accommodation, please contact us at recruiting@crowdstrike.com for further assistance.

Similar Jobs

WRI - Senior Communication Specialist for Cities

WRI

Jakarta, Indonesia (On-Site)
9 Months ago
Carbon Health - Clinic Manager

Carbon Health

Concord, California, United States (On-Site)
6 Days ago
Bonfire Studios - Senior Producer (Publishing)

Bonfire Studios

California, United States (Hybrid)
2 Weeks ago
Accenture - Creative Production Specialist

Accenture

Mumbai, Maharashtra, India (On-Site)
2 Months ago
Epic Games - Lead Counsel (Regulatory)

Epic Games

Cary, North Carolina, United States (On-Site)
5 Months ago
HCL Tech - Senior Tester

HCL Tech

Washington, District Of Columbia, United States (On-Site)
2 Months ago
Capgemini - Hardware Test Engineer

Capgemini

Coimbatore, Tamil Nadu, India (On-Site)
1 Month ago
Aspire - Software Engineer in Test II

Aspire

Gurugram, Haryana, India (Hybrid)
2 Weeks ago
Next Level Business Services - Workday Integration Tester

Next Level Business Services

Menomonee Falls, Wisconsin, United States (On-Site)
9 Months ago
endava - Senior Test Automation Engineer

endava

Brisbane, Queensland, Australia (On-Site)
1 Month ago

Get notifed when new similar jobs are uploaded

Similar Skill Jobs

RocketWerkz - GAME PROGRAMMER (UNREAL ENGINE)

RocketWerkz

Auckland, Auckland, New Zealand (On-Site)
11 Months ago
The Walt Disney Company - Executive Producer, Digital

The Walt Disney Company

Durham, North Carolina, United States (On-Site)
3 Months ago
Corsair gaming - Supply Chain Planner

Corsair gaming

New Taipei City, Taiwan (On-Site)
1 Month ago
Demandbase - Product Marketing Manager

Demandbase

(Remote)
2 Months ago
Amber - QA Tester

Amber

Bucharest, Bucharest, Romania (On-Site)
2 Months ago
Nice - Professional Services Engineer

Nice

Atlanta, Georgia, United States (Hybrid)
2 Weeks ago
ElevenLabs - Sales Development Representative (Outbound)

ElevenLabs

Tokyo, Japan (Remote)
3 Months ago
luxsoft - Senior Business Analyst - Trade Finance

luxsoft

Chennai, Tamil Nadu, India (On-Site)
2 Months ago
Capgemini - NodeJS Developer with DevOps

Capgemini

Gurugram, Haryana, India (On-Site)
2 Months ago
ansira - Senior Helpdesk Engineer / Senior Helpdesk Support Specialist

ansira

Pune, Maharashtra, India (On-Site)
1 Year ago

Get notifed when new similar jobs are uploaded

Jobs in Romania

endava - Office Manager

endava

Cluj-Napoca, Cluj County, Romania (On-Site)
2 Weeks ago
AMC Studio - Lead Game Artist / Art Director

AMC Studio

Bucharest, Bucharest, Romania (Hybrid)
2 Months ago
Playtika - 2D Animator

Playtika

Romania (Hybrid)
8 Months ago
Tide - Senior Engineer, Python

Tide

Romania (Remote)
2 Weeks ago
PwC - Senior Associate - Audit and Assurance

PwC

Bucharest, Bucharest, Romania (On-Site)
9 Months ago
legion - Architect, Time and Attendance

legion

Bucharest, Bucharest, Romania (Hybrid)
1 Month ago
Electronic Arts - GameKit Operations Engineer

Electronic Arts

Bucharest, Romania (Hybrid)
1 Week ago
Tide - Senior Engineer, Python (Data & AI)

Tide

Romania (Hybrid)
2 Months ago
fortis games - Sr. QA Automation Engineer (Analytics-Data)

fortis games

Romania (Remote)
2 Months ago
dbt Labs - Senior Software Engineer, Cloud Signals

dbt Labs

Romania (Remote)
1 Week ago

Get notifed when new similar jobs are uploaded

Testing Jobs

Adit - EHR QA Tester

Adit

Ahmedabad, Gujarat, India (On-Site)
8 Months ago
luxsoft - Senior Automation Tester

luxsoft

Bengaluru, Karnataka, India (On-Site)
1 Month ago
Chimera entertainment - Brazilian Portuguese Localization QA Tester

Chimera entertainment

Montreal, Quebec, Canada (On-Site)
2 Months ago
Epic Games - Senior Software Development Engineer in Test (SDET)

Epic Games

Montreal, Quebec, Canada (On-Site)
5 Months ago
4j studios - QA Tester

4j studios

Dundee, Scotland, United Kingdom (On-Site)
1 Month ago
Yodo1 - Mobile Game Tester

Yodo1

(Remote)
11 Months ago
Drive mode - Software Development Engineer in Test

Drive mode

Mountain View, California, United States (Hybrid)
2 Months ago
fluence - Battery Pack Test and Validation Engineer

fluence

Houston, Texas, United States (Hybrid)
2 Months ago
Side - Video Games Tester - QA Tester

Side

São Paulo, State Of São Paulo, Brazil (On-Site)
2 Months ago
cyara - Senior Software Development Engineer in Test (SDET)

cyara

Hyderabad, Telangana, India (Hybrid)
10 Months ago

Get notifed when new similar jobs are uploaded

About The Company

CrowdStrike was founded in 2011 to fix a fundamental problem: The sophisticated attacks that were forcing the world’s leading businesses into the headlines could not be solved with existing malware-based defenses. Founder George Kurtz realized that a brand new approach was needed — one that combines the most advanced endpoint protection with expert intelligence to pinpoint the adversaries perpetrating the attacks, not just the malware. There’s much more to the story of how Falcon has redefined endpoint protection but there’s only one thing to remember about CrowdStrike: We stop breaches.
View All Jobs

Get notified when new jobs are added by Crowd Strick