Job Information
CrowdStrike, Inc. Sr. Red Team Engineer (Remote) in Kirkland, Washington
CrowdStrike, Inc. Full time R18298 About the Role: The Senior Red Team Engineer will assist in developing an Adversary Simulation program under the Information Security organization which covers security throughout all of CrowdStrike's business and products. This position will lead Red Team activities simulating known threat actors, to help CrowdStrike determine the impact and likelihood of a threat actor to accomplish objectives across the Kill Chain and MITRE ATT&CK Framework. Outside of leading impactful Adversary Simulation exercises, the Sr. Red Team Engineer will work closely with the Red Team Manager to build the program, develop tools, techniques and processes (TTPs) for operations, and deliver results to defensive teams to ultimately maintain CrowdStrike's secure environment. What You'll Do:
Act as a point of contact for CrowdStrike's Adversary Simulation program, leading Red Team activities and a Subject Matter Expert (SME) in adversary tactics
Must be able to effectively communicate at all levels (executive leadership and technical support teams) within CrowdStrike.
Develop and lead planning meetings to ensure all exercises have well defined goals and training objectives for defensive teams
Develop reporting with mitigation strategies from the results of Adversary Simulation exercises for both management and technical audiences
Provide guidance using specialized knowledge and toolsets to operational teams during enterprise wide crisis scenarios, e.g. 0-day vulnerability released (Log4j)
What You'll Need:
3+ years of experience in Red Team activities is highly preferred
Minimum 1 year of experience in a senior or leadership role is highly preferred
Security community participation (conference speaker, tool development contributor, ...) is highly preferred
Experience using both commercial and open source tools to achieve the objective
Experience in planning and executing Red Team activities that evaded both network and endpoint security controls
Experience emulating known threat actors and their respective tradecraft
Experience planning both phishing and assumed breach exercises and understand the OPSEC ramifications throughout the Red Team operation
Ability to develop, extend or modify Red Team tooling
Experience building secure red team infrastructure
Ability to evaluate threat intelligence and understand potential impact to CrowdStrike
Comprehensive understanding of the security methodologies, technologies, and best practices
Windows / Linux / Mac operating systems
Comprehensive knowledge of firewalls, proxies, mail servers and web servers
Advanced experience in automation and scripting of applications and systems
Relevant certifications and trainings a plus
Bonus Points:
Familiarity with infrastructure-as-code, such as Terraform or Ansible
Advanced knowledge with cloud environments, Identity Providers, common security concerns with SaaS applications
Experience conducting Red Team activities in a macOS environment
Experience targeting CI/CD or software supply chain in a Red Team operation
Familiarity with the Red Team Maturity Model
#LI-Remote #LI-RC1 Benefits of Working at CrowdStrike:
Remote-first culture
Market leader in compensation and equity awards
Competitive vacation and flexible working arrangements
Comprehensive and inclusive health benefits
Physical and mental wellness pro