Назад
21 час назад

Engineer II, Threat Detection - Windows (Cybersecurity)

100 000 - 145 000$
Формат работы
hybrid
Тип работы
fulltime
Грейд
middle
Английский
b2
Страна
US
Вакансия из списка Hirify.GlobalВакансия из Hirify RU Global, списка компаний с восточно-европейскими корнями
Для мэтча и отклика нужен Plus

Мэтч & Сопровод

Для мэтча с этой вакансией нужен Plus

Описание вакансии

Текст:
/

TL;DR

Engineer II, Threat Detection - Windows (Cybersecurity): Analyzing intrusions, threat campaigns, and malware to implement behavioral detection coverage on the Falcon sensor platform with an accent on high-fidelity endpoint detections and tactical analysis of nation-state actors. Focus on identifying detection gaps, optimizing Indicators of Attack (IOAs), and tuning signal-to-noise ratios at global scale.

Location: Hybrid in Sunnyvale, CA; must be eligible for CJIS clearance (U.S. citizenship or Green Card/permanent resident status)

Salary: $100,000 - $145,000 per year

Company

CrowdStrike is a global leader in cybersecurity providing an AI-native platform to stop breaches and protect large-scale distributed systems.

What you will do

  • Analyze emerging threats, campaigns, and malware telemetry to identify detectable behaviors and coverage gaps.
  • Author and optimize behavioral detection rules (Indicators of Attack) targeting adversary techniques on Windows endpoints.
  • Query and analyze endpoint telemetry (process execution, registry, memory) to validate detection hypotheses.
  • Manage detections through a structured lifecycle: development, validation, staged deployment, and production monitoring.
  • Collaborate with threat intelligence and incident response teams to prioritize development based on active threat campaigns.

Requirements

  • U.S. citizenship or Green Card/permanent resident status (required for CJIS clearance).
  • Bachelor's degree or 4+ years of equivalent hands-on experience in detection engineering or threat analysis.
  • Proficiency in Windows OS internals and APIs (process creation, registry, memory management).
  • Experience with behavioral malware analysis, sandboxing, and EDR tooling.
  • Scripting proficiency in Python for automation and knowledge of PowerShell and regular expressions.
  • Solid working knowledge of common adversary TTPs and ability to translate intelligence into detection logic.

Nice to have

  • Experience writing behavioral detection rules or signatures for endpoint security products (IOA/IOC logic).
  • Familiarity with MITRE ATT&CK adversary tactics and techniques.
  • Experience in a SOC environment tracking threat actors and responding to incidents.
  • Contributions to the open-source community or published security research.
  • Knowledge of agentic AI CLIs for detection engineering workflows.

Culture & Benefits

  • Market leader in compensation and equity awards.
  • Comprehensive physical and mental wellness programs.
  • Competitive vacation, holidays, and paid parental/adoption leaves.
  • Professional development opportunities for all employees.
  • Vibrant office culture with world-class amenities.

Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →