Principal Consultant - Cloud Security Assessments

November 1

Apply Now

Receive Emails with Similar Jobs

CrowdStrike

WebsiteLinkedInAll Job Openings

Next-Generation Endpoint Protection • Endpoint Detection and Response • Next Generation Anti-Virus • Managed Threat Hunting • Incident Response

5001 - 10000

Description

• Actively contribute to a cloud assessment methodology - collaborate with leadership, research, and product teams to continuously improve and develop new analysis approaches. • Leverage scientific thinking, analytics, and threat intelligence to identify viable attack paths and contextualize risk in client cloud environments based on resource configurations and business context. • Develop tools, detections, and queries to work with large data sets at scale, including SIEM analytics, querying APIs, and automating repetitive tasks. • Manage client engagements, lead internal teams, and provide regular status updates to clients regarding project status and findings. • Analyze cloud security architecture and resource configurations to identify security weaknesses and misconfigurations that may expose cloud environments to threats. • Review identity plane configurations and advise clients about hardening authentication and authorization controls, including hybrid identity. • Conduct workshops with stakeholders to identify gaps in cloud security management practices and governance, including logging, workload security, DevSecOps, and network security. • Write queries and simple scripts to interact with APIs exposed by security tools and cloud control plane services. • Produce high-quality written and verbal reports, presentations, recommendations, and findings to key stakeholders including customer management, regulators, and legal counsel. • Demonstrate industry thought leadership through blog posts, CrowdCasts, and other public speaking events.

Requirements

• At least 6 years of hands-on experience in cloud engineering, DevOps, security, or cloud support roles. • A strong understanding of one or more of the following cloud platforms: Azure, M365, AWS, GCP, or OCI. • Familiarity with modern cloud workloads - DevOps, CICD pipelines, containers, and related security defenses and pitfalls. • Strong analytical skills, attention to details, and critical thinking skills • Excellent communication skills, including a strong ability to communicate executive and/or detailed level findings to clients; ability to effectively communicate tasks, guidance, and methodology with internal teams. • Incident Remediation: strong understanding of targeted attacks and able to create customized tactical and strategic remediation plans for compromised organizations related to major cloud platforms. • Cloud Incident Response: knowledge in AWS, Azure, M365, or GCP incident response methodologies. • An understanding of Kubernetes management plane, deployment models within public cloud environments, and container security. • Capable of completing technical tasks without supervision. • Desire to grow and expand both technical and soft skills. • Strong project management skills. • Contributing thought leader within the cloud security/incident response industry. • Ability to foster a positive work environment and attitude.

Benefits

• Remote-first culture • Market leader in compensation and equity awards • Competitive vacation and flexible working arrangements • Comprehensive and inclusive health benefits • Physical and mental wellness programs • Paid parental leave, including adoption • A variety of professional development and mentorship opportunities • Offices with stocked kitchens when you need to fuel innovation and collaboration