We are seeking a highly skilled and experienced SOC Manager to lead the development and operation of our Security Operations Center. This role involves building a new SOC team, adopting and deploying SIEM (Security Information and Event Management) technology, and managing incident response in a hybrid environment (on-prem/cloud).

Responsibilities:

Team Recruitment and Leadership: Recruit and mentor a team of 2-3 SOC analysts. Lead, develop, and evaluate team performance.
Technology Selection and Deployment: Identify and deploy appropriate SIEM technology to enhance our cybersecurity posture.
Alert and Log Management: Map out all necessary alerts and logs for continuous monitoring and threat detection.
Alert Classification and Prioritization: Develop a system to classify and prioritize alerts based on severity and impact.
Hybrid Environment Monitoring: Oversee the monitoring of both on-premises and cloud-based systems.
Automation and Process Improvement: Implement automation strategies to enhance the efficiency and effectiveness of the SOC operations.
Incident Response Management: Lead and manage the incident response process, ensuring swift and effective resolution of security incidents.

We are looking for a Senior Security Researcher to join our team Cloud Security.
In this role, you will take part in protecting our customers' cloud environments from a wide range of cyber threats.
Your contributions will be directly impactful, not only ensuring our customers' success but also making a significant difference in the evolving landscape of cloud security.
Your Opportunity:
Research cloud threats and collaborate closely with the engineering team to transform research insights into innovative product features
Develop effective detection rules and enhance our product's capabilities for better threat detection
Launch and manage incident response operations to investigate attacks on cloud environments
Investigate malware specifically targeting cloud workloads, understanding their mechanisms and impacts, and produce high-quality reports
Present your unique findings and share knowledge at cyber and cloud conferences

We are looking for a Threat Researcher.
we are an innovative company that has a unique and game-changing software solution to protect Fortune 500 End-Point users against Zero Day & APT cyber-attacks. This is an incredible opportunity to get in a Pre-IPO Cyber Security company that is poised to do huge things! We're on a mission to disrupt the cyber security market and the time is NOW!
The successful candidate will be responsible to identify, analyze and collect cyber malware samples and campaigns. Perform research on threat actors, new attack vectors and techniques, develop POCs and analysis tools, and prepare research publications.
The role involves hands-on responsibilities, working closely with security researchers and Deep-Learning engineers. It requires multitasking in a fast-paced environment with high-quality, accurate, and timely deliverables.
RESPONSIBILITIES:
Research and analyze emerging cyber threats: Identifying new malware strains, large-scale campaigns, and advanced persistent threats (APTs). Analyze their behavior, capabilities, and techniques for evading detection and achieving their goal.
Collaborate with other members of the research department: Work closely with security researchers, ML engineers, and other team members to develop and implement defense strategies for the current and future threat landscape.
Document the findings of threat research and publication reports that can be shared with internal and external stakeholders.
Stay up-to-date with the latest developments in the cyber security field: including the latest trends, techniques, and threats in the cyber security field.
Uncover and develop new cyber-attack vectors, techniques and POCs.

We are looking for a Android Security Researcher II.
The Security Researcher focuses on deep research of new vulnerabilities
and exploits, including how to use this knowledge to the benefit of our customers and the security product suite.
The work includes reverse engineering, so requires a deep understanding of the target operating system, and relevant tools and techniques. Depending on the specific role, Security Researchers will be expected to deliver product detection enhancements (including code and/or rules), POCs of exploits, CVEs, and marketable research.
Security Researchers will have access to cutting-edge technology only found within the Threat Labs team.
Security Researchers analyze customer detections, informing our response and further development of our proprietary threat intelligence and security capabilities.
What you can expect to do in this role:
Perform research, including reverse engineering, into novel and zero-day vulnerabilities and exploits, using of in-house and 3rd party tooling, providing recommendations on how to protect our customers.
Perform analysis of customer detections generated by our platform to determine accuracy; recommend detection changes accordingly.
Research new ways to detect malicious activity using custom-built tooling.
Stay up to date on the latest malware trends and OS developments.
Development and maintenance of custom research tools to assist in day-to-day tasks.
Support sales and marketing by supporting the creation of marketable material and thought leadership.
Perform other duties and special projects as assigned.
Customer value focus with the ability to quickly iterate based on emerging threats and customer feedback

were looking for a Threat Detection Analyst to join our team
WHAT YOULL DO

Monitor attacks against cloud environments and malware targeting cloud workloads
Build detections and tools to protect customers from cloud threats
Collaborate closely with the R&D team to transform research insights into product features
Build procedures and playbooks to be used when emerging threats are detected
Work with customers in response to requests related to suspicious activity or potential incidents
Develop best practices and security policies based on research findings, and write external-facing materials stemming from your research

We're looking for a Security Operations (DevSecOps) Engineer to help enhance the security and efficiency of our software solutions.
In this role, you'll work closely with the development and implementation teams, supporting key accounts and ensuring our services are secure and compliant with industry standards.
What will you do:
Manage security protocols across all platforms to prevent unauthorized access.
Analyze and respond to security threats in real-time.
Work with Engineering and Data Leadership to improve security strategies.
Lead and participate in large-scale technical projects focused on security enhancement.
Identify and address security loopholes proactively.
Respond to security incidents quickly, analyze them, and prepare incident reports.
Ensure security is integrated during the development phase (CI/CD)Assist in compliance audits for SOC 2 and HIPAA.
Explore and implement advanced security tools and frameworks.
Promote security awareness within the team.

Security Researcher plays a critical role in advancing our mobile security research efforts.
This role is responsible for investigating and analyzing security vulnerabilities, developing cutting-edge techniques for mobile device forensics, and contributing to the development of innovative solutions that protect our clients' mobile ecosystems and to publish security research.
What you can expect to do in this role:
iOS Security Analysis: Conduct in-depth analysis of iOS security mechanisms, including the secure boot process, sandboxing, code signing, keychain, secure enclave, and data protection. Identify weaknesses and potential vulnerabilities within the iOS ecosystem.
Vulnerability Assessment: Perform comprehensive vulnerability assessments of iOS applications using industry-standard frameworks such as MITRE, OWASP Mobile Security Testing Guide, and tools like Burp Suite. Identify and document security issues and propose mitigation strategies.
Attack Vector Analysis: Explore potential attack vectors that could compromise iOS devices and applications. Develop a deep understanding of the iOS threat landscape and post-exploit scenarios to anticipate and counteract security threats effectively.
Reverse Engineering: Utilize reverse engineering techniques and tools such as IDA Pro, Hopper, and Ghidra to dissect iOS applications and firmware. Analyze binaries, disassemble code, and reverse engineer software components to uncover vulnerabilities and weaknesses.
Privilege Escalation Research: Investigate iOS privilege escalation techniques and vulnerabilities, staying ahead of potential threats. Research and develop countermeasures to protect against privilege escalation attacks.
Development Contributions: While not mandatory, the ability to develop security-related tools, scripts is an advantage. Contribute to the creation of custom tools or enhancements that aid in mobile forensic analysis and security assessments.
Documentation and Reporting: Create detailed reports and documentation of security findings, methodologies, and recommended solutions. Communicate research results effectively to both technical and non-technical stakeholders through written reports and presentations.
Collaboration: Collaborate closely with cross-functional teams, including fellow researchers, software developers, and cybersecurity experts, to share insights, collaborate on security initiatives, and contribute to the development of secure mobile solutions.
Stay Current: Continuously monitor and stay up-to-date with the latest developments in iOS security, vulnerabilities, and exploits. Contribute to threat intelligence by sharing relevant information with the team.

We're looking for an experienced Network Security Analyst to join us.
WHAT YOU'LL DO

Investigate network security risks in customer environments.
Develop network threat models of new cloud services and cloud-deployed applications.
Work closely with product management to support product roadmap decision-making.
Operationalize your knowledge of cloud network security by building security controls and detection rules related to public exposure, potential external attack vectors, lateral movement, and more.

We are looking for a researcher to help us harness the power of trillions of security signals to rapidly diagnose and alert the latest attacker behaviors, drive critical context-rich signals, construct new tools and automations to support customers, identify threats, and detect advanced attacker techniques.
Responsibilities:
Analyze various network devices, configurations and security products
Implement methods and algorithms to discover network topology, relationships between devices and potential lateral movement paths
Conduct network security assessments to identify weaknesses in customers network infrastructure, and recommend mitigations to monitor and limit unauthorized access
Develop research tools and frameworks to perform automatic analysis of network devices and security products
Research and analyze network-related cybersecurity threats and trends
Work closely with other internal engineering and AI teams to integrate new capabilities into our platform and guide cross-product architectural decisions
Act as a security subject matter expert for multidisciplinary teams

This role provides a unique opportunity to join a team with strategic importance to protecting our customers from emerging threats and novel attack methodologies in both cloud and Linux based environments. You will stay ahead of the curve with regards to the threat landscape and your research will directly impact the direction of the team and our product.

If you have a strong passion for security and technology, have an interest in supporting engineering projects, and want to gain real-world experience in dealing with advanced threat actors targeting cloud environments, we have a role for you!


Your contributions will enable continuous improvement of CrowdStrikes cloud detection capabilities ensuring that our customers can be secured with the most advanced security measures in place.



What You'll Do:

Develop, implement and optimize threat detection rules tailored to cloud runtime environments. Aim to detect and respond to activity as early in the killchain as possible.

Rapid response to potential malicious campaigns or extensive exploitation cloud runtime resources post vulnerabilities disclosure.

Conduct proactive threat hunting exercises to identify potential security gaps and emerging threats within cloud environments.

Track and present threat detection findings, including recommended strategies or possible product improvements.

Collaborate with cross functional teams: Work closely with various teams, including OverWatch, engineering, product management, detection engineering, and threat intelligence to drive cloud detections in the Crowdstrike falcon platform.

Stay abreast of the latest threat landscape and cloud security trends, continuously updating detection strategies to address emerging threats and vulnerabilities.