Sr. Threat Detection Research Engineer (Remote)

As a global leader in cybersecurity, CrowdStrike protects the people, processes and technologies that drive modern organizations. Since 2011, our mission hasn’t changed — we’re here to stop breaches, and we’ve redefined modern security with the world’s most advanced AI-native platform. Our customers span all industries, and they count on CrowdStrike to keep their businesses running, their communities safe and their lives moving forward. We’re also a mission-driven company. We cultivate a culture that gives every CrowdStriker both the flexibility and autonomy to own their careers. We’re always looking to add talented CrowdStrikers to the team who have limitless passion, a relentless focus on innovation and a fanatical commitment to our customers, our community and each other. Ready to join a mission that matters? The future of cybersecurity starts with you.

About the Team
The CrowdStrike Malware Research Center is the core of Falcon’s malware detection and response capabilities. The team has a focus on understanding the threat landscape and sets the target for what Falcon should be identifying and preventing. Additionally, the MRC is responsible for understanding our capabilities, and mapping how well our machine learning and behavioral protection capabilities are doing against those threats. Where there is a gap, the MRC takes action
to improve our detection stance and overall protection story. MRC also performs pathfinding research to enable technology development using innovation, prototyping, and bleeding-edge machine learning to support our flagship Falcon product. The MRC works across many parts of CrowdStrike to ensure we're on target and delivering the best protection against the current threat landscape.

About the Role:
Leading the charge for understanding malware activity today is the Threat Research team. With a focus on malware research, the primary goal is to investigate relevant threats and techniques impacting our customers. Given the enormous volume of malware, this role requires a scalable approach via automation and machine learning, empowering researchers to extract insights while
systems handle volume.
 

Research Engineers will validate threats from a range of sources, using techniques such as execution, behavioral review, and reverse engineering to determine their potential impact. Key responsibilities include communicating technical details to cross-functional teams, recommending effective mitigations, and enabling Falcon’s defenses.
 

Reverse engineering of malware and exploits is a part of the role—uncovering underlying mechanisms, algorithms, and tactics used by adversaries. This insight feeds into internal tools and response strategies. Researchers also contribute to automation strategy by identifying where efficiencies can be gained and providing proof-of-concept tooling to enhance detection and mitigation workflows. Staying current with industry advancements and integrating new methods into the team’s
operations are key to maintaining cutting-edge protection.
 

What You'll Do:

• Analyze and validate malware threats using behavioral analysis, execution, and reverse engineering.

• Communicate technical threat details and mitigation strategies to response and engineering teams.

• Collaborate to prioritize and define automation opportunities to streamline threat analysis workflows.

• Perform reverse engineering of malware and exploits to identify TTPs and support mitigation planning.

• Contribute proof-of-concept automation and tooling to demonstrate new ideas and accelerate analysis.

• Continuously research and integrate new threat detection and analysis techniques.

• Provide actionable intelligence to improve Falcon’s defense capabilities.

What You'll Need:

• 8+ years’ experience in threat research, with a focus on malware analysis and cloud threat actor tradecraft.

• Experience in reverse engineering, disassembly, and analyzing file-based threats and exploits.

• Experience with AWS tradecraft, IaaS, IaC, and threat actor use of cloud IAM.

• Strong understanding of OS internals and behavior-based detection systems.

• Familiarity with MITRE ATT&CK for describing threat behaviors.

• Proficiency in at least one scripting or programming language - Python, C/C++, or Go.

• Experience producing and handing off proof-of-concept tools and automation to engineering.

• Excellent interpersonal skills with the ability to collaborate cross-functionally and influence priorities.

#LI-Remote
#LI-RC1

#LI-KM1

This role will require the candidate to periodically undergo and pass additional background and fingerprint check(s) consistent with government customer requirements.

Benefits of Working at CrowdStrike:

• Remote-friendly and flexible work culture

• Market leader in compensation and equity awards

• Comprehensive physical and mental wellness programs 

• Competitive vacation and holidays for recharge  

• Paid parental and adoption leaves

• Professional development opportunities for all employees regardless of level or role

• Employee Networks, geographic neighborhood groups, and volunteer opportunities to build connections

• Vibrant office culture with world class amenities

• Great Place to Work Certified™ across the globe

CrowdStrike is proud to be an equal opportunity employer. We are committed to fostering a culture of belonging where everyone is valued for who they are and empowered to succeed. We support veterans and individuals with disabilities through our affirmative action program.

CrowdStrike is committed to providing equal employment opportunity for all employees and applicants for employment. The Company does not discriminate in employment opportunities or practices on the basis of race, color, creed, ethnicity, religion, sex (including pregnancy or pregnancy-related medical conditions), sexual orientation, gender identity, marital or family status, veteran status, age, national origin, ancestry, physical disability (including HIV and AIDS), mental disability, medical condition, genetic information, membership or activity in a local human rights commission, status with regard to public assistance, or any other characteristic protected by law. We base all employment decisions--including recruitment, selection, training, compensation, benefits, discipline, promotions, transfers, lay-offs, return from lay-off, terminations and social/recreational programs--on valid job requirements.

If you need assistance accessing or reviewing the information on this website or need help submitting an application for employment or requesting an accommodation, please contact us at recruiting@crowdstrike.com for further assistance.

Find out more about your rights as an applicant.

CrowdStrike participates in the E-Verify program.

Notice of E-Verify Participation

Right to Work

CrowdStrike, Inc. is committed to equal pay for equal work in its compensation practices. The base salary range for this position in the U.S. is $135,000 - $215,000 per year + variable/incentive compensation + equity + benefits. A candidate's salary is determined by various factors including, but not limited to, relevant work experience, skills, certifications, job level, supervisory status, and location.

Expected Close Date of Job Posting is:08-11-2025