CrowdStrike
Next-Generation Endpoint Protection • Endpoint Detection and Response • Next Generation Anti-Virus • Managed Threat Hunting • Incident Response
Threat Analyst II - Machine Learning Operations and Response
December 12
CrowdStrike
Next-Generation Endpoint Protection • Endpoint Detection and Response • Next Generation Anti-Virus • Managed Threat Hunting • Incident Response
Description
• Analyze malware and detections by investigating individual customer detection tickets • Review current product detections to ensure they are performing to the company standard • Perform tasks to enable better management of false positive detections • Analyze binary files to determine their legitimacy • Address internal questions and concerns regarding customer threat detections • Review Machine Learning predictions
Requirements
• Exposure and understanding of different types and functionality of malware • General knowledge of reverse engineering malware, or malware operations • Fundamental understanding of attributes of binary files such as imports/exports and packers • Ability to demonstrate practical knowledge of research/collection skills and analytical methods • General understanding of threat/risk management and threat/risk assessment • Familiarity with various operating systems • Knowledge of one scripting language, Python, Bash or PowerShell • Ability to break down complex problems into workable components • Experience with threat detections by Machine Learning • BA/BS or MA/MS degree or equivalent experience in Computer Science, Information Security, or a related field • Bonus Points: • Experience in a security operations center or similar environment responding to incidents • Good understanding of Windows OS internals and the Windows API • Knowledge of MacOS and/or Linux OS • Familiarity with tools used in targeted and criminal cyber-intrusions • A background in exploit and vulnerability analysis • Knowledge of programming C, C++, Java, assembly or GoLang • If you have experience in using a post-exploitation framework (for example Metasploit) • Splunk, SIEM or Elastic knowledge • MITRE ATT&CK Framework knowledge
Benefits
• Remote-friendly and flexible work culture • Market leader in compensation and equity awards • Comprehensive physical and mental wellness programs • Competitive vacation and holidays for recharge • Paid parental and adoption leaves • Professional development opportunities for all employees regardless of level or role • Employee Resource Groups, geographic neighbourhood groups and volunteer opportunities to build connections • Vibrant office culture with world class amenities • Great Place to Work Certified™ across the globe
Apply Now