Engineer II, Threat Detection - Windows (Cybersecurity)
Мэтч & Сопровод
Для мэтча с этой вакансией нужен Plus
Описание вакансии
TL;DR
Engineer II, Threat Detection - Windows (Cybersecurity): Analyzing intrusions, threat campaigns, and malware to implement behavioral detection coverage on the Falcon sensor platform with an accent on high-fidelity endpoint detections and tactical analysis of nation-state actors. Focus on identifying detection gaps, optimizing Indicators of Attack (IOAs), and tuning signal-to-noise ratios at global scale.
Location: Hybrid in Sunnyvale, CA; must be eligible for CJIS clearance (U.S. citizenship or Green Card/permanent resident status)
Salary: $100,000 - $145,000 per year
Company
CrowdStrike is a global leader in cybersecurity providing an AI-native platform to stop breaches and protect large-scale distributed systems.
What you will do
- Analyze emerging threats, campaigns, and malware telemetry to identify detectable behaviors and coverage gaps.
- Author and optimize behavioral detection rules (Indicators of Attack) targeting adversary techniques on Windows endpoints.
- Query and analyze endpoint telemetry (process execution, registry, memory) to validate detection hypotheses.
- Manage detections through a structured lifecycle: development, validation, staged deployment, and production monitoring.
- Collaborate with threat intelligence and incident response teams to prioritize development based on active threat campaigns.
Requirements
- U.S. citizenship or Green Card/permanent resident status (required for CJIS clearance).
- Bachelor's degree or 4+ years of equivalent hands-on experience in detection engineering or threat analysis.
- Proficiency in Windows OS internals and APIs (process creation, registry, memory management).
- Experience with behavioral malware analysis, sandboxing, and EDR tooling.
- Scripting proficiency in Python for automation and knowledge of PowerShell and regular expressions.
- Solid working knowledge of common adversary TTPs and ability to translate intelligence into detection logic.
Nice to have
- Experience writing behavioral detection rules or signatures for endpoint security products (IOA/IOC logic).
- Familiarity with MITRE ATT&CK adversary tactics and techniques.
- Experience in a SOC environment tracking threat actors and responding to incidents.
- Contributions to the open-source community or published security research.
- Knowledge of agentic AI CLIs for detection engineering workflows.
Culture & Benefits
- Market leader in compensation and equity awards.
- Comprehensive physical and mental wellness programs.
- Competitive vacation, holidays, and paid parental/adoption leaves.
- Professional development opportunities for all employees.
- Vibrant office culture with world-class amenities.
Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →