Sr. Engineer 1 - Sensor, Windows Vulnerability Research & Detection (Remote, GBR)
GBR Remote, United Kingdom
CrowdStrike
CrowdStrike is a global cybersecurity leader with an advanced cloud-native platform for protecting endpoints, cloud workloads, identities and data.About the Role:
CrowdStrike is looking for a Sr. Software Engineer I to join our growing Content Research & Exploit Detection team within the Content group, which focuses on emerging vulnerability research, exploit mitigations, and security-related endpoint development on the Windows operating system.
The Content group plays a central role in fulfilling CrowdStrike’s mission to Stop Breaches. Within the Content Research & Exploit Detection team (CRED), we research the latest common vulnerabilities and exposures (CVEs) to develop tools and techniques that expand sensor visibility and explore ways to detect advanced malicious behavior on customer endpoint devices. Our goal is to enable the sensor to autonomously identify and stop tools, techniques, and procedures where possible, and to provide useful visibility and guidance to security analysts when new previously unknown adversary activity occurs.
As a Sr. Software Eng 1 within the CRED team, you will be focused on the analysis and development of detection strategies for attack techniques across supported Windows OS versions. You’ll work collaboratively to implement detection logic within the Falcon sensor which includes both user-mode and kernel-mode components that together observe system activity, recognize malicious behavior, provide on-box prevention and remediation capabilities, and send relevant security related telemetry to the Falcon Cloud. You’ll help find creative and resourceful ways to detect Windows specific threats while also helping to develop features that leverage telemetry from common OS subsystems such as: file system, memory, process, and network activity. You’ll get exposure to both user-mode and kernel-mode coding practices.
As a Software Engineer, you will also collaborate with a wide range of other teams across the group as you help contribute to team initiatives and assist with operational response requirements. You’ll be expected to make contributions from the initial concept phase through design, implementation, release, and bugtail/support with a focus and passion for sensor performance, testing, and feature support. We're looking for smart people who want to be challenged and take ownership of what they build.
What You'll Do:
Recognize common weaknesses and build proof of concepts that can exercise vulnerable code paths.
Design and build detection logic and systems leveraged across teams within CrowdStrike to detect cyber attackers and stop breaches.
Extend our existing codebase and test suites utilizing C, C++, Python, and other tools as appropriate.
Brainstorm, define, and build collaboratively across multiple teams.
Obsess about learning, and champion the newest technologies & tricks with others, raising the technical IQ of the team.
Deliver and accept feedback with grace and courtesy.
Troubleshoot issues within the product when necessary, assisting customer support, test breaks, crash dumps, and release blockers.
Leverage your understanding of engineering best practices, including topics like secure coding, testing paradigms, effective peer code reviews, logging, and resilient architecture patterns, to ensure clean, supportable coding practices.
Be an energetic ‘self-starter’ who is empowered to take ownership and be accountable for deliverables, both individually and as part of a growing team.
What You'll Need:
Post-secondary education in computer science, engineering, or information security OR relevant experience.
Low-level OS knowledge of Windows operating system internals, security features, components, APIs, and design.
Proficiency in multiple programming languages including C, C++, and Python as well as familiarity with multiple processor architectures
Recent and relevant experience in vulnerability analysis and exploitation techniques,
Experience in software instrumentation, testing, and code coverage analysis
Knowledge of cyber security practices, challenges, tools, and techniques
Team player – able to lead, mentor, communicate, collaborate, and work effectively in a globally distributed team.
Bonus Points:
At least one of the following certifications is desirable:
Offensive Security Certified (OSCP, OSCE, OSEE)
Council of Registered Security Testers (CREST) Registered or Certified Professional certificate
SANS GIAC Penetration Tester, Web Application Penetration Tester, Exploit Researcher and Advanced Penetration Tester
Prior experience working with low-level code, such as OS kernel components, minifilters, or device drivers.
Understanding of kernel-mode and multi-threaded concurrent systems development in any of our supported platforms, with an interest to grow skills in all of them.
Prior penetration testing experience.
Prior experience delivering software via agile processes.
Prior participation in cyber security challenges (e.g. CTFs).
#LI-CW1
Benefits of Working at CrowdStrike:
Remote-friendly and flexible work culture
Market leader in compensation and equity awards
Comprehensive physical and mental wellness programs
Competitive vacation and holidays for recharge
Paid parental and adoption leaves
Professional development opportunities for all employees regardless of level or role
Employee Resource Groups, geographic neighbourhood groups and volunteer opportunities to build connections
Vibrant office culture with world class amenities
Great Place to Work Certified™ across the globe
CrowdStrike is proud to be an equal opportunity and affirmative action employer. We are committed to fostering a culture of belonging where everyone is valued for who they are and empowered to succeed. Our approach to cultivating a diverse, equitable, and inclusive culture is rooted in listening, learning and collective action. By embracing the diversity of our people, we achieve our best work and fuel innovation - generating the best possible outcomes for our customers and the communities they serve.
CrowdStrike is committed to providing equal employment opportunity for all employees and applicants for employment. The Company does not discriminate in employment opportunities or practices on the basis of race, color, creed, ethnicity, religion, sex (including pregnancy or pregnancy-related medical conditions), sexual orientation, gender identity, marital or family status, veteran status, age, national origin, ancestry, physical disability (including HIV and AIDS), mental disability, medical condition, genetic information, membership or activity in a local human rights commission, status with regard to public assistance, or any other characteristic protected by law. We base all employment decisions--including recruitment, selection, training, compensation, benefits, discipline, promotions, transfers, lay-offs, return from lay-off, terminations and social/recreational programs--on valid job requirements. If you need assistance accessing or reviewing the information on this website or need help submitting an application for employment or requesting an accommodation, please contact us at recruiting@crowdstrike.com for further assistance.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Agile APIs C Cloud Computer Science CREST CrowdStrike Exploit GIAC Offensive security OSCE OSCP OSEE Pentesting Python SANS Vulnerabilities Windows
Perks/benefits: Career development Competitive pay Equity / stock options Flex hours Flex vacation Health care Salary bonus Team events Wellness
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.