Emerging Threats Intelligence Analyst Intern - Remote

Yesterday


CrowdStrike

Next-Generation Endpoint Protection • Endpoint Detection and Response • Next Generation Anti-Virus • Managed Threat Hunting • Incident Response

Description

• This is a highly technical position on one of two teams within the Technical Analysis Cell (TAC), at the forefront of CrowdStrike's mission against nation state and criminal adversaries.
• Both teams are tasked with investigating, reconstructing and reverse engineering newly discovered, malicious artefacts and documenting analysis results as a stream of intelligence reporting.
• We are often the first to analyze previously unknown threats.
• One team encounters mobile malware (primarily APKs); the other team analyses cloud activity logs. We respond quickly when needed and perform equally well at conducting detailed analysis.
• Communication and collaboration with other teams of CrowdStrike is highly important to facilitate this.
• As distributed international teams, we are looking for an energetic self-starter with the ability to take ownership and be accountable for deliverables while at the same time supporting and helping to improve upon our analysis workflow.
• Maintain a detailed understanding of the technical details of cloud intrusions through analyzing cloud provider activity logs, such as AWS CloudTrail and Azure Activity Logs.
• Convert your understanding to an intelligence report.
• Create tools to automate analysis tasks and tracking of threat actors.
• Contribute to active mitigation efforts with technical expertise.
• Track relations between new threats and existing actors using in-house tools.
• Document threat evolutions and intelligence gaps for the broader Intelligence Team.
• Create host-based and network-based signatures suited for large-scale hunting, detection, and tracking of threats.

Requirements

• Familiarity with at least one cloud service provider (AWS, Azure, GCP) as a user, e.g., creating identities
• Investigative mindset
• Team player: someone who is eager to help, teach, and learn from others
• Strong problem-solving skills
• Independent learner
• Knowledge of programming and scripting languages, in particular Python
• Ability to express complex technical and non-technical concepts
• Understanding of identity and access management for at least one major cloud service provider (AWS, Azure, GCP)
• Familiarity with at least one major cloud service provider's (AWS, Azure, GCP) cloud activity logs, e.g. CloudTrail, Azure Activity Logs, GCP Audit Logs
• Malware analysis or knowledge of reverse-engineering principles
• First exposure to analysing malware targeting mobile devices
• Ability to reconstruct incidents based on cloud activity logs from at least one major cloud service provider (AWS, Azure, or GCP)
• Ability to learn new analysis techniques quickly, especially when faced with less-common file types
• Solid writing skills
• Solid understanding of mobile platforms
• Dynamic instrumentation frameworks
• Experience identifying and classifying malicious tooling through development of signatures that can be used for tracking and hunting purposes
• Familiarity with at least a couple of the following tools and languages: IDA, Ghidra, JEB, WinDbg, x86dbg/x64dbg, Parallels or Virtual Box, Java, C/C++, Rust, Golang, C#, .NET

Benefits

• Remote-friendly and flexible work culture
• Market leader in compensation and equity awards
• Paid holidays (including birthday holidays) and 401k matching
• Professional development opportunities including workshops, tech talks, and Executive Speaker Series
• Assigned mentors from across the company for continuous support and feedback
• Participation in companywide initiatives including ERGs, FalconFIT, Wellness Programs, and Employee Assistance Program
• Employee Resource Groups, geographic neighbourhood groups and volunteer opportunities to build connections
• Vibrant office culture with world class amenities
• Ownership of impactful projects that move the company forward
• Great Place to Work Certified™ across the globe
