Principal Consultant Incident Response

Principal Consultant Incident Response at CrowdStrike

As a global leader in cybersecurity, CrowdStrike protects the people, processes and technologies that drive modern organizations. Since 2011, our mission hasn’t changed — we’re here to stop breaches, and we’ve redefined modern security with the world’s most advanced AI-native platform. Our customers span all industries, and they count on CrowdStrike to keep their businesses running, their communities safe and their lives moving forward. We’re also a mission-driven company. We cultivate a culture that gives every CrowdStriker both the flexibility and autonomy to own their careers. We’re always looking to add talented CrowdStrikers to the team who have limitless passion, a relentless focus on innovation and a fanatical commitment to our customers, our community and each other. Ready to join a mission that matters? The future of cybersecurity starts with you.

About The Role

CrowdStrike is looking for highly motivated, self-driven, technical consultants dedicated to making a difference in global security by protecting organizations against the most advanced attackers in the world. Our CrowdStrike Services team offers opportunities to expand your skill set through a wide variety of engagements including front page incident response investigations for organizations you’ll find on the annual Fortune 100 list.

Am I a Principal Consultant Candidate?

• Do you find yourself interested in and keeping up with the latest vulnerabilities and breaches?
• Are you self-motivated and looking for an opportunity to rapidly accelerate your skills?
• Do you crave new and innovative work that actually matters to your customer?
• Do you have an Incident Response or Information Security background that you’re not fully utilizing?
• Are you capable of leading teams and interacting with customers?
• Do you love working around like-minded, smart people who you can learn from and mentor on a daily basis?

What You'll Do

• Lead incident response engagements.
• Develop and use new methods to hunt for bad actors across large sets of data.
• Work under the direction of outside counsel to conduct intrusion investigations.
• Perform host and/or network-based forensics across Windows, Mac, and Linux platforms.
• Perform basic malware analysis.
• Produce high-quality written and verbal reports, presentations, recommendations, and findings to key stakeholders including customer management, regulators, and legal counsel.
• Demonstrate industry thought leadership through blog posts, CrowdCasts, and other public speaking events.

What You'll Need

Successful candidates will have experience in one or more of the following areas:

• Team leadership experience in a matrixed consulting environment.
• Incident Response: experience conducting or managing incident response investigations for organizations, investigating targeted threats such as the Advanced Persistent Threat, Organized Crime, and Hacktivists.
• Computer Forensic Analysis: a background using a variety of forensic analysis tools in incident response investigations to determine the extent and scope of compromise.
• Network Forensic Analysis: strong knowledge of network protocols, network analysis tools like Bro/Zeek or Suricata, and ability to perform analysis of associated network logs.
• Reverse Engineering: ability to understand the capabilities of static and dynamic malware analysis.
• Incident Remediation: strong understanding of targeted attacks and able to create customized tactical and strategic remediation plans for compromised organizations.
• Network Operations and Architecture/Engineering: strong understanding of secure network architecture and strong background in performing network operations.
• Cloud Incident Response: knowledge in any of the following areas: AWS, Azure, GCP incident response methodologies.
• Communications: strong ability to communicate executive and/or detailed level findings to clients; ability to effectively communicate tasks, guidance, and methodology with internal teams.

Additionally, All Candidates Must Possess The Following Qualifications

• Capable of completing technical tasks without supervision.
• Desire to grow and expand both technical and soft skills.
• Strong project management skills.
• Contributing thought leader within the incident response industry.
• Ability to foster a positive work environment and attitude.
• Ability to travel on short notice, up to 30% of the time.

Education

BA or BS / MA or MS degree in Computer Science, Computer Engineering, Math, Information Security, Information Assurance, Information Security Management, Intelligence Studies, Cybersecurity, Cybersecurity Policy, or a related field. Applicants without a degree but with relevant work experience and/or training will be considered.

Benefits Of Working At CrowdStrike

• Market leader in compensation and equity awards.
• Comprehensive physical and mental wellness programs.
• Competitive vacation and holidays for recharge.
• Paid parental and adoption leaves.
• Professional development opportunities for all employees regardless of level or role.
• Employee Networks, geographic neighborhood groups, and volunteer opportunities to build connections.
• Vibrant office culture with world class amenities.
• Great Place to Work Certified™ across the globe.

Compensation

The base salary range for this position for all U.S. candidates is $140,000 - $195,000 per year, with eligibility for bonuses, equity grants and a comprehensive benefits package that includes health insurance, 401k and paid time off.

Key skills/competency

• Incident Response Leadership
• Computer Forensics
• Network Forensics
• Malware Analysis
• Threat Hunting
• Cloud Security (AWS, Azure, GCP)
• Client Communication
• Project Management
• Security Architecture
• Cybersecurity Consulting