Sr. Software Engineer, Windows Vulnerability Research - Oregon, United States - CrowdStrike Holdings, Inc.

Description

Sr. Software Engineer, Windows Vulnerability Research & Detection (Remote) page is loaded

Sr. Software Engineer, Windows Vulnerability Research & Detection (Remote)

Apply

locations

USA - Remote

time type

Full time

posted on

Posted Yesterday

job requisition id

R17496

#WeAreCrowdStrike and our mission is to stop breaches. As a global leader in cybersecurity, our team changed the game. Since our inception, our market leading cloud-native platform has offered unparalleled protection against the most sophisticated cyberattacks. We work on large scale distributed systems, processing over 1 trillion events a day with a petabyte of RAM deployed in our Cassandra clusters - and this traffic is growing daily. We're looking for people with limitless passion, a relentless focus on innovation and a fanatical commitment to developing and shaping our cybersecurity platform. Consistently recognized as a top workplace, CrowdStrike is committed to cultivating an inclusive, remote-first culture that offers people the autonomy and flexibility to balance the needs of work and life while taking their career to the next level. Interested in working for a company that sets the standard and leads with integrity? Join us on a mission that matters - one team, one fight.

About the Role:

CrowdStrike is looking for a Senior Software Engineer to join our growing Content Research & Integration Tactical team within the EndPoint Protection Content group, which focuses on vulnerability research, exploit mitigations, and security-related endpoint development on the Windows operating system.

The Endpoint Protection Content group plays a central role in fulfilling CrowdStrike's mission to

Stop Breaches

. Within the Content Research & Integration Tactical team (CRI-Tactical), we research the latest common vulnerabilities and exposures (CVEs) to develop tools and techniques that expand sensor visibility and explore ways to detect advanced malicious behavior on customer endpoint devices. Our goal is to enable the sensor to autonomously identify and stop N-day tools, techniques, and procedures where possible, and to provide useful visibility and guidance to security analysts when new previously unknown adversary activity occurs.

As a senior software engineer within the CRI Tactical team, you will be focused on the analysis and development of detections for attack techniques across supported Windows OS versions.

You'll work collaboratively to implement detection logic within the Falcon sensor which includes both user-mode and kernel-mode components that together observe system activity, recognize malicious behavior, provide on-box prevention and remediation capabilities, and send relevant security related telemetry to the Falcon Cloud.

You'll help find creative and resourceful ways to detect Windows specific threats while also helping to develop cross-platform features that leverage telemetry from common OS subsystems such as file system, memory, process, and network activity.

You'll get exposure to both user-mode and kernel-mode coding practices.

As a Senior Software Engineer, you'll function as a key resource and subject matter expert for other engineers within the team and across the company.

You'll collaborate with a wide range of other teams as you drive your own initiatives and assist with other projects.

You'll be expected to make significant contributions from the initial concept phase through design, implementation, release, and bugtail/support. We're looking for smart people who want to be challenged and take ownership of what they build.

What You'll Do:
Design and build detection logic and systems leveraged across teams within CrowdStrike to detect cyber attackers and stop breaches.

Extend our existing codebase and test suites utilizing C, C++, Python, and other tools as appropriate.

Brainstorm, define, and build collaboratively across multiple teams.

Build proof of concept triggers that can exercise common vulnerabilities and exposures

Obsess about learning, and champion the newest technologies & tricks with others, raising the technical IQ of the team.

Deliver and accept feedback with grace and courtesy.

Troubleshoot issues within the product when necessary, assisting customer support, test breaks, and release blockers.

Leverage your understanding of engineering best practices, including topics like secure coding, testing paradigms, effective peer code reviews, logging, and resilient architecture patterns, to ensure clean, supportable coding practices.

Be an energetic 'self-starter' who is empowered to take ownership and be accountable for deliverables, both individually and when leading a team.

What You'll Need:
Post-secondary education in computer science, engineering, or information security


OR
five (5) years of equivalent experience.

5+ years of experience with any of the following;
vulnerability research, analysis, and exploitation techniques,

attack surface analysis and risk management, or

software instrumentation, testing, and code coverage analysis

Low-level OS knowledge of Windows operating system internals, components, APIs, and design.

Proficiency in multiple programming languages including C, C++, and Python as well as familiarity with multiple processor architectures

Experience in network and packet capture analysis

Knowledge of cyber security practices, challenges, tools, and techniques

Team player – able to lead, mentor, communicate, collaborate, and work effectively in a globally distributed team.


Preferred Qualifications:
At least one of the following certifications is preferred:
Offensive Security Certified Professional (OSCP)

Offensive Security Certified Expert (OSCE)

Council of Registered Security Testers (CREST) Registered or Certified Professional certificate

SANS GIAC Penetration Tester, Web Application Penetration Tester, Exploit Researcher and Advanced Penetration Tester

Prior experience working with low-level code, such as OS kernel, firmware or device drivers.

Understanding of kernel-mode and multi-threaded concurrent systems development in any of our supported platforms, with an interest to grow skills in all of them.

Prior penetration testing experience.

Prior experience delivering software via agile processes.

Prior participation in cyber security challenges (e.g. CTFs).

#LI-Remote
#LI-NT1
#HTF

Benefits of Working at CrowdStrike:
Remote-first culture

Market leader in compensation and equity awards

Competitive vacation and flexible working arrangements

Comprehensive and inclusive health benefits

Physical and mental wellness programs

Paid parental leave, including adoption

A variety of professional development and mentorship opportunities

Offices with stocked kitchens when you need to fuel innovation and collaboration

We are committed to fostering a culture of belonging where everyone feels seen, heard, valued for who they are and empowered to succeed.

Our approach to cultivating a diverse, equitable, and inclusive culture is rooted in listening, learning and collective action.

By embracing the diversity of our people, we achieve our best work and fuel innovation - generating the best possible outcomes for our customers and the communities they serve.

CrowdStrike is committed to maintaining an environment of Equal Opportunity and Affirmative Action. If you need reasonable accommodation to access the information provided on this website, please contact

for further assistance.
CrowdStrike participates in the E-Verify program.
Notice of E-Verify Participation
Right to Work
CrowdStrike, Inc. is committed to fair and equitable compensation practices. The base salary range for this position in the U.S. is $130,000 - $205,000 per year + variable/incentive compensation + equity + benefits.

A candidate's salary is determined by various factors including, but not limited to, relevant work experience, skills, certifications and location.

Expected Close Date of Job Posting is:
Similar Jobs (3)

Software Engineer (C++), Discover (Remote)

locations

USA - Remote

time type

Full time

posted on

Posted 30+ Days Ago

Sr. Software Engineer - MacOS Sensor (Remote)

locations

USA - Remote

time type

Full time

posted on

Posted 30+ Days Ago

Sr. Software Engineer - Linux Detections (Remote)

locations

USA - Remote

time type

Full time

posted on

Posted 30+ Days Ago

CrowdStrike was founded in 2011 to fix a fundamental problem: The sophisticated attacks that were forcing the world's leading businesses into the headlines could not be solved with existing malware-based defenses.

Founder George Kurtz realized that a brand new approach was needed — one that combines the most advanced endpoint protection with expert intelligence to pinpoint the adversaries perpetrating the attacks, not just the malware.

#J-18808-Ljbffr