Threat Hunting Consultant - SkillBridge (Remote)
at CrowdStrike
Posted 8 hours ago
No clicks
- Compensation
- Not specified
- City
- Not specified
- Country
- United States
Currency: Not specified
CrowdStrike offers a DoD SkillBridge internship for service members to gain hands-on threat hunting experience. The role involves hunting for historical and active threats in enterprise environments, analyzing logs and artifacts, and delivering actionable remediation recommendations. You will contribute to maturing threat hunting capabilities through research, methodology, and scripting, and communicate findings through high-quality reports to technical audiences, management, and legal counsel. The program is DoD SkillBridge/CSP-based and not eligible for direct hire.
As a global leader in cybersecurity, CrowdStrike protects the people, processes and technologies that drive modern organizations. Since 2011, our mission hasn’t changed — we’re here to stop breaches, and we’ve redefined modern security with the world’s most advanced AI-native platform. Our customers span all industries, and they count on CrowdStrike to keep their businesses running, their communities safe and their lives moving forward. We’re also a mission-driven company. We cultivate an inclusive culture that gives every CrowdStriker both the flexibility and autonomy to own their careers. We’re always looking to add talented CrowdStrikers to the team who have limitless passion, a relentless focus on innovation and a fanatical commitment to our customers, our community and each other. Ready to join a mission that matters? The future of cybersecurity starts with you.
This Job Description is for DoD SkillBridge participation and is not eligible for direct hire.
CrowdStrike’s DoD SkillBridge / Career Skills Program (CSP) Internship is an approved SkillBridge Program under Dept. of Defense Instruction 1322.29 as enacted by 10 U.S.C. Sec 1143. Eligibility is restricted to members of the U.S. Armed Forces separating honorably with greater than 180 days of continuous Active Duty. SkillBridge/CSP period of eligibility is within the final 180 days of Active-Duty service, and the SkillBridge/CSP must be completed prior to separation from Active Duty in the U.S. Armed Forces.
CrowdStrike’s DoD SkillBridge/CSP Internship is open to members of all services, and all ranks and experience levels. Service members should fully review SkillBridge/CSP Job Description for requirements and qualifications of the individual position.
SkillBridge participants participate in full time training with industry (40-hour work week) under permissive temporary duty military orders and are not eligible for compensation from CrowdStrike during SkillBridge participation but will continue to receive all military wages and benefits as defined by the Department of Defense.
DoD SkillBridge/CSP is fully compliant with FLSA, DBA, SCA, CSHSSA and all other pertinent Federal and State labor laws. For more employer information regarding DoD SkillBridge/CSP, please visit the Department of Defense DoD SkillBridge website at https://skillbridge.osd.mil/
About the Role:
CrowdStrike is looking for a highly motivated, self-driven, service member dedicated to protecting organizations against the most advanced adversaries in the world. The candidate would be responsible for hunting for historical and active threats in enterprise environments and providing actionable recommendations to remediate findings.
What You’ll Do:
Analyze logs and system artifacts looking for evidence of adversary activity in enterprise environments.
Produce high-quality written and verbal reports, presentations, recommendations, and findings to key stakeholders, including technical audiences, management, and legal Counsel.
Contribute to developing and maturing threat hunting capabilities, including research, methodology, and scripting.
What You’ll Need:
Successful candidates will have experience in one or more of the following areas:
Threat Hunting: An understanding of Windows and Linux forensic artifacts and analysis methodologies, including program execution, persistence, file system, event logging, process analysis, and anomaly detection.
Analysis: Strong threat analysis skills, including hypothesis-driven analysis, IOC searching, long-tail analysis, correlation, and pivoting on findings, and time-lining threat activity.
Threat Intelligence: An understanding of targeted attacks, including tradecraft associated with eCrime and nation-state adversaries, and an ability to use intelligence for targeted IOC searching.
Scripting: An ability to create search queries and write simple scripts in Python or another scripting language.
Platform Architecture: A practical understanding of Windows and Linux operating systems, including file systems, registry, memory management, kernel and user-mode functions, identity, and process handling.
Networking: A practical understanding of network protocols and how data is handled at the various layers of the OSI model.
Identity: A familiarity with fundamental identity concepts, including Active Directory and associated protocols like Kerberos.
Communication: strong ability to communicate analysis findings to clients, including technical and executive audiences, and legal counsel.
Experience/training in the topics below is beneficial but not essential for consideration:
Incident Response: Incident response experience, especially with large-scale investigations involving e-Crime and nation-state actors.
Cloud Platforms: familiarity with one or more of the following cloud platforms: AWS, Azure, and GCP.
Incident Remediation: strong understanding of targeted attacks and an ability to create customized tactical and strategic remediation plans for compromised organizations.
Education:
BA or BS / MA or MS degree in Computer Science, Computer Engineering, Math, Information Security, Information Assurance, Information Security Management, Intelligence Studies, Cybersecurity, Cybersecurity Policy, or a related field. Applicants without a degree but with relevant work experience and/or training will be considered.
#LI-AC1
#LI-Remote
CrowdStrike is proud to be an equal opportunity employer. We are committed to fostering a culture of belonging where everyone is valued for who they are and empowered to succeed. We support veterans and individuals with disabilities through our affirmative action program.
CrowdStrike is committed to providing equal employment opportunity for all employees and applicants for employment. The Company does not discriminate in employment opportunities or practices on the basis of race, color, creed, ethnicity, religion, sex (including pregnancy or pregnancy-related medical conditions), sexual orientation, gender identity, marital or family status, veteran status, age, national origin, ancestry, physical disability (including HIV and AIDS), mental disability, medical condition, genetic information, membership or activity in a local human rights commission, status with regard to public assistance, or any other characteristic protected by law. We base all employment decisions--including recruitment, selection, training, compensation, benefits, discipline, promotions, transfers, lay-offs, return from lay-off, terminations and social/recreational programs--on valid job requirements.
If you need assistance accessing or reviewing the information on this website or need help submitting an application for employment or requesting an accommodation, please contact us at recruiting@crowdstrike.com for further assistance.
