Threat Detection Engineer – Cloud (Remote, ROU)

#WeAreCrowdStrike and our mission is to stop breaches. As the global leader in cybersecurity, our team has changed the game. Since our founding, our industry-leading cloud-native platform has provided unmatched protection against the most advanced cyberattacks. We’re looking for individuals with boundless passion, a relentless focus on innovation, and a fanatical dedication to our customers to join us in shaping the future of cybersecurity. Consistently recognized as a top place to work, CrowdStrike is committed to cultivating an inclusive, remote-first culture that gives people the autonomy and flexibility to balance work-life demands while advancing their careers. Interested in working for a company that sets the standard and leads with integrity? Join us on a mission that matters — one team, one fight.

About the role:

The Cloud Content team is a key contributor to the Falcon Cloud Security Platform, charged with the critical mission of protecting cloud environments through innovative detection and response capabilities. This specialized team consists of cloud security experts, researchers, and detection engineers across time zones who work together to ensure our customers’ cloud workloads are safe from the ever-changing threats in the security landscape.

This role offers a unique opportunity to join a team with strategic importance to protect our customers from emerging threats and new attack methodologies in both cloud and Linux-based environments. You will stay at the forefront of the threat landscape and your research will directly impact the direction of the team and our product.

If you have a strong passion for security and technology, are interested in supporting technical projects, and want to gain hands-on experience dealing with advanced threat actors targeting cloud environments, we have a role for you!
Your contributions will help us continually improve CrowdStrike’s cloud detection capabilities, ensuring our customers are protected with the most advanced security measures.

What you will do:

Stay up to date with the latest threat landscape and cloud security trends by continuously updating detection strategies to address emerging threats and vulnerabilities
Rapid response to potential malicious campaigns or extensive exploitation of cloud runtime resources following vulnerability disclosure
Conduct proactive threat hunting exercises to identify potential security gaps and emerging threats in cloud environments
Track and present threat detection findings, including recommended strategies or potential product improvements
Develop, deploy, and optimize detections tailored to cloud runtime environments.
Collaborate with cross-functional teams: Work closely with various teams including OverWatch, engineering, product management, detection engineering, and threat intelligence to drive cloud detections on the Crowdstrike Falcon platform
As part of your role, you will be expected to write and publish regular blog posts and represent our company by speaking at various industry conferences to increase our visibility and community engagement.

What do you need:

You have an excellent knowledge of Linux-based systems.
You may have demonstrable experience in container/container orchestrator-based intrusion analysis, detection development or malware analysis,
You are comfortable reviewing cyber threat intelligence, open source intelligence, or partner reporting,
You have a keen interest in the field of security research (you follow blogs of experts in the subject, build a static and dynamic analysis environment),
You have knowledge of programming and scripting languages, in particular Python or Bash,
You have experience with large-scale data analysis,
You are able and comfortable communicating information to both technical and non-technical stakeholders,
You have a deep urge to ‘stop the bad guys’,
Good problem solving skills, communication skills and teamwork skills.

Bonus points:

You have insight into cloud-based infrastructure and cloud service models (IaaS, PaaS, Saas),
You have extensive experience in securing services running on public cloud services (Azure, AWS, Google Cloud),
You have a good understanding of managed Kubernetes services (AKS, EKS, GKS),
Contributing to the open source community (GitHub, Stack Overflow, blogging)
Published research articles at conferences or through other media (blogs, articles)

Benefits of working at CrowdStrike:

Culture of ‘at a distance’
Market leader in compensation and equity rewards with the ability to participate in ESPP in eligible countries
Competitive vacation and flexible work arrangements
Physical and mental well-being programs
Paid parental leave, including adoption
A variety of professional development and mentorship opportunities
Access to CrowdStrike University, LinkedIn Learning and Jhanna
Offices with well-stocked kitchens when you want to stimulate innovation and collaboration
Birthday free time in your own country
Work with people who are passionate about our mission and are globally Great Place to Work certified

CrowdStrike is proud to be an equal opportunity and affirmative action employer. We are committed to fostering a culture of belonging where everyone is valued for who they are and has the opportunity to succeed. Our approach to cultivating a diverse, equitable, and inclusive culture is rooted in listening, learning, and collective action. By embracing the diversity of our people, we achieve our best work and drive innovation—creating the best possible outcomes for our clients and the communities they serve.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. If you require assistance accessing or viewing the information on this website or need assistance submitting an application or requesting an accommodation, please contact us at [email protected] for further assistance.

Originally posted on Himalaya