Software Assurance Engineer

About CrowdStrike

As a global leader in cybersecurity, CrowdStrike protects the people, processes and technologies that drive modern organizations. Since 2011, our mission hasn’t changed — we’re here to stop breaches, and we’ve redefined modern security with the world’s most advanced AI-native platform. Our customers span all industries, and they count on CrowdStrike to keep their businesses running, their communities safe and their lives moving forward. We’re also a mission-driven company. We cultivate a culture that gives every CrowdStriker both the flexibility and autonomy to own their careers. We’re always looking to add talented CrowdStrikers to the team who have limitless passion, a relentless focus on innovation and a fanatical commitment to our customers, our community and each other. Ready to join a mission that matters? The future of cybersecurity starts with you.

About The Role

Help us protect CrowdStrike and its customers from the most advanced threats by assessing, designing, and implementing security controls and systems associated with all aspects of the software supply chain. CrowdStrike's Product Security team breaks the mold of traditional internal security, and focuses on active threats to CrowdStrike's products. As a Security Engineer you will perform technical security assessments of current and new pipelines, monitor for emerging vulnerabilities and anomalous system behaviors, create tooling for known gaps, and deploy large-scale security/monitoring systems. Additionally, you will be responsible for management of cross-cutting projects to further harden internal systems and processes against active and emerging threats.

What You'll Do

• Assess risk and provide security guidance to engineers across the company on systems and software implementations.
• Design and implement tools and processes to secure and monitor software build pipelines, including signing.
• Harden open source code usage, development, and distribution.
• Investigate systems and applications to understand and improve security posture.
• Advocate for best-security practices to the entire engineering organization.
• Manage end-to-end delivery of large-scale, cross-cutting security initiatives to harden CrowdStrike software supply chain systems and processes.

What You'll Need

• Experience working in an engineering role designing, implementing, and supporting security systems.
• Experience working with and securing configurations of Linux and/or other Unix-like variants.
• Proficiency in one or more common scripting languages, such as shell, Python, Golang, javascript, etc.
• Domain knowledge of networking, software development lifecycle management, secure coding practices and reviews, and system hardening.
• Understanding of software build pipeline applications, systems, and processes.
• Working experience with CICD pipelines and associated tools like Jenkins, Argo CD, etc.
• Experience leading large, cross-team projects and initiatives.
• Familiarity with TLS best practices, ciphers, software signing operations, and public/private key infrastructure implementations and security.

Bonus Points

• Experience with common monitoring or log aggregation tools such as LogScale, Splunk, DataDog, Prometheus, etc.
• Experience with source control management tools like GitHub, BitBucket, etc. Both as a user and an administrator.
• Experience with common artifact storage tools like Artifactory and S3.
• Experience working in and secure configurations of large-scale cloud platforms with highly concurrent systems.
• Self-motivated to identify security problems and engage with teams to find solutions.
• Efficient communicator with strong writing skills, experience working remotely.
• Experience scripting groovy pipelines and using REST APIs.
• Experience working at a very large scale.

Benefits Of Working At CrowdStrike

• Market leader in compensation and equity awards
• Comprehensive physical and mental wellness programs
• Competitive vacation and holidays for recharge
• Paid parental and adoption leaves
• Professional development opportunities for all employees regardless of level or role
• Employee Networks, geographic neighborhood groups, and volunteer opportunities to build connections
• Vibrant office culture with world class amenities
• Great Place to Work Certified™ across the globe

Key skills/competency

• Software Assurance Engineer
• Cybersecurity
• Product Security
• Security Engineering
• Software Supply Chain Security
• CI/CD Pipelines
• System Hardening
• Vulnerability Assessment
• Scripting (Python, Golang, Shell)
• Linux/Unix Security