Sr. Cloud Threat Detections Engineer

As a global leader in cybersecurity, CrowdStrike protects the people, processes and technologies that drive modern organizations. Since 2011, our mission hasn’t changed — we’re here to stop breaches, and we’ve redefined modern security with the world’s most advanced AI-native platform. We work on large scale distributed systems, processing almost 3 trillion events per day. We have 3.44 PB of RAM deployed across our fleet of C* servers - and this traffic is growing daily. Our customers span all industries, and they count on CrowdStrike to keep their businesses running, their communities safe and their lives moving forward. We’re also a mission-driven company. We cultivate a culture that gives every CrowdStriker both the flexibility and autonomy to own their careers. We’re always looking to add talented CrowdStrikers to the team who have limitless passion, a relentless focus on innovation and a fanatical commitment to our customers, our community and each other. Ready to join a mission that matters? The future of cybersecurity starts with you.

About the Team:

You'll be joining CrowdStrike's Cloud Content Research team, a team focused on stopping real-world adversaries targeting cloud infrastructure. Our unique position within CrowdStrike allows us to work closely with our Threat Intelligence, OverWatch, and Incident Response teams, translating front-line observations of adversary tactics into effective detection capabilities. We combine deep cloud security expertise with innovative detection engineering to identify and stop sophisticated cloud threats. Our team creates advanced detection content and drives innovation in cloud security through close collaboration with Product and Engineering teams, who develop new detection capabilities based on our insights and requirements. We focus on both strategic research into emerging cloud attack techniques and rapid response to evolving adversary tactics observed in the wild.

About the Role:
As a Senior Cloud Detection Engineer, you'll be at the forefront of protecting organizations against sophisticated cloud threats, working with some of the industry's most advanced security technologies and enterprise-scale cloud environments. You'll have the unique opportunity to translate real-world adversary intelligence into innovative detection capabilities that protect many of the world's leading organizations across every major industry.

What You'll Do:

• Research and develop detection content for cloud-native attacks, including identity-based threats, data exfiltration, privilege escalation, cloud-native tactics

• Create correlation logic and between runtime events and control plane activities

• Design and implement detection logic across multi-cloud and hybrid environments

• Collaborate with Threat Intelligence, OverWatch, and Incident Response teams to develop detections based on real adversary activities

• Partner with Product and Engineering teams to enhance detection capabilities

What You'll Need:

• Strong background in detection engineering or cloud security operations

• Deep understanding of cloud service provider architectures and security models

• Extensive experience creating detection content for cloud environments

• Proven ability to analyse large-scale security datasets

• Strong analytical and problem-solving capabilities

• Excellent collaboration and communication skills

Desired Experience:

• Experience with major cloud providers (AWS, Azure, GCP, OCI)

• Familiarity with SIEM platforms and query languages (advantage: LogScale)

• Linux security and runtime detection experience

• Kubernetes security and detection experience

• Background in threat research, incident response, or red/blue team

• Experience with MITRE ATT&CK for Cloud

• Track record of improving detection efficacy

What Sets You Apart:

• Experience developing detection content at scale

• Understanding of cloud-native attack techniques

• Ability to balance research insights with practical implementation

• Track record of cross-team collaboration in security projects

#LI-DM1

Benefits of Working at CrowdStrike:

• Remote-friendly and flexible work culture

• Market leader in compensation and equity awards

• Comprehensive physical and mental wellness programs

• Competitive vacation and holidays for recharge

• Paid parental and adoption leaves

• Professional development opportunities for all employees regardless of level or role

• Employee Resource Groups, geographic neighbourhood groups and volunteer opportunities to build connections

• Vibrant office culture with world class amenities

• Great Place to Work Certified™ across the globe

CrowdStrike is proud to be an equal opportunity employer. We are committed to fostering a culture of belonging where everyone is valued for who they are and empowered to succeed. We support veterans and individuals with disabilities through our affirmative action program.

CrowdStrike is committed to providing equal employment opportunity for all employees and applicants for employment. The Company does not discriminate in employment opportunities or practices on the basis of race, color, creed, ethnicity, religion, sex (including pregnancy or pregnancy-related medical conditions), sexual orientation, gender identity, marital or family status, veteran status, age, national origin, ancestry, physical disability (including HIV and AIDS), mental disability, medical condition, genetic information, membership or activity in a local human rights commission, status with regard to public assistance, or any other characteristic protected by law. We base all employment decisions--including recruitment, selection, training, compensation, benefits, discipline, promotions, transfers, lay-offs, return from lay-off, terminations and social/recreational programs--on valid job requirements.

If you need assistance accessing or reviewing the information on this website or need help submitting an application for employment or requesting an accommodation, please contact us at recruiting@crowdstrike.com for further assistance.