Red Team TechOps Engineer (Remote)

at CrowdStrike, Inc. in Springfield, Illinois, United States

Job Description

CrowdStrike, Inc.

Full time

R19649

About the Role:
The Red Team TechOps Engineer will join a non-billable R&D team dedicated to supporting Professional Services Red Team activities in client networks that simulate known threat actors. This Red Team helps CrowdStrike customers identify and reduce gaps in their ability to deter malicious activity. We’re looking for an engineer that will support the team by reducing operational uncertainty against defensive products, among other tasks that improve the team’s strategic and tactical capabilities.
What You’ll Do:
  • Build and maintain product testing systems that generate data for a decision support system.

  • Actively use systems to provide bespoke tactical intelligence to operators on engagements.

  • Respond to regular product updates to ensure capabilities are functional and resilient.

  • Development tasks that are both malware-oriented and platform-oriented.

  • Programming for Windows, Linux, and macOS platforms (user- and kernel-mode).

  • Programming related to event streaming, telemetry post-processing, and build engineering.

  • Provide development and infrastructure support to improve overall offensive capabilities.

  • Review analytics data from sensors to guide the development of offensive tradecraft.

  • Develop initial access and post-exploitation capabilities (some evasive, some noisy).

  • Contribute to capabilities to enhance operator decision making.

  • Proactively identify opportunities to improve workflows and processes.

  • Document completed development projects for operational use.

  • Share responsibilities on administration and infrastructure.


What You’ll Need:
  • Reverse engineering skills and mindset in both vulnerability research and malware analysis.

  • Forward engineering skills in languages such as C++, C#, and Python.

  • Systems programming background in at least Windows + aptitude to learn Linux and macOS.

  • Demonstrable understanding of EDR internals and other telemetry-based technologies.

  • Demonstrable familiarity with using the OODA loop concept to subvert complex systems.

  • Prior experience in goal-oriented red team operations and penetration testing phases.

  • Prior experience in UX/UI elements of projects to improve workflows and adoption.

  • Security community participation (conference speaker or tool contributor) is a plus.

  • Experience with developing custom C2 frameworks or offensive security tooling is a plus.

  • Prior experience with event streaming, web development, and data analysis is a plus.

  • Familiarity with the following is a plus: Kafka, FastAPI, Neo4j, LogScale, Docker, Jenkins.


All candidates must possess the following qualifications:
  • Strong problem solving and critical thinking skills.

  • Excellent oral and written communications s

    PI244300754



    CrowdStrike, Inc. is an Equal Opportunity Employer and does not discriminate against any applicants for employment based on their race, color, religion, sex (including pregnancy, sexual orientation, or gender identity), national origin, age, physical or mental disability, genetic information, veteran status, uniformed service member status, or any other status protected by law.
    Job Posting: 12078819

    Posted On: Jul 26, 2024

    Updated On: Aug 26, 2024