at CrowdStrike, Inc. in Springfield, Illinois, United States
Job Description
CrowdStrike, Inc.Full time
R19068
About the Role:
Good at breaking things? This job is for you! This position is responsible for developmental and operational penetration testing for our product and all our online properties.
This position requires someone with expertise in manual and automated web application penetration testing with the knowledge needed to breach security defenses. The ideal candidate will have at least two years of experience performing penetration tests using a mix of commercially available, open source and personally built tools. A solid understanding of network protocols, server and web application weaknesses is also needed. The successful candidate will also have good communication skills and will provide a high level of security expertise to the company while working in a complex distributed environment.
As stated by George Kurtz, co-founder and CEO of CrowdStrike, “Since our founding, CrowdStrike has pioneered the use of AI in cybersecurity.” The ideal candidate will have an interest in both using and assessing AI driven applications, though demonstrated experience is not a requirement.
What You’ll Do:
Perform comprehensive penetration testing assessments across the organization.
Manage the entire lifecycle of penetration testing findings from discovery, triage, advising, remediation, and validation.
Work with various different business units to perform penetration testing assessments on systems or applications before go live rollouts.
Examine systems and applications to assess the current security posture.
Manage penetration testing related tickets to ensure issues are remediated within proper timelines.
Advocate for security best practices across the organization.
What You’ll Need:
Advanced knowledge of server and client operating systems.
Extensive computer skills and an understanding of networking, cryptography, web applications, databases, and wireless technologies.
Ability to prioritize impactful findings and drive these items to remediation.
Experience working with Mac, Windows, Linux and/or other Unix-like variants.
Extensive understanding of TCP, UDP, HTTP, IP and other network protocols.
A detailed understanding of how to triage vulnerabilities using CVSS calculators and the ability to validate security related findings.
Possess the ability to work independently.
Proactive go getter attitude to solve challenging problems.
Stays up to date with current vulnerabilities and vulnerability related news in various industries.
Ability to automate and script tasks using your preferred language (e.g. GoLang, Python, Ruby, Perl, BASH)
The ability to work remotely with teammates across the organization and maintain healthy working relationships.
Bonus Points:
Interest in all things AI and willingness to grow into a Subject Matter Expert (SME) in evaluating AI applications for vulnerabilities or using AI/ML to enhance pentest processes
Familiarity with the OWASP
PI242293573
CrowdStrike, Inc. is an Equal Opportunity Employer and does not discriminate against any applicants for employment based on their race, color, religion, sex (including pregnancy, sexual orientation, or gender identity), national origin, age, physical or mental disability, genetic information, veteran status, uniformed service member status, or any other status protected by law.
