CrowdStrikeRemote
Senior Intelligence Analyst, GTAC Vulnerability Mission
Germany
Full Time
1 week ago
Visa Sponsorship
Key skills
LinuxMacOS
About this role
Role Overview
- Identify threats, trends, and new developments in vulnerabilities and exploit behavior by adversaries while synthesizing raw intelligence and data from numerous data sources
- Identify and monitor the Tactics, Techniques, and Procedures (TTPs) employed by cyber threat actors that use exploits
- Digest, analyze, model and structure data relationships to support the identification and description of malicious activities.
- Apply understood analytic tradecraft to gathered intelligence in a consistent manner
- Produce finished intelligence analysis to internal and external customers through written reporting of varied depth on short deadlines, with minimal supervision
- Collaborate across teams to inform various functions within CrowdStrike about activity of interest and to coordinate adversary/campaign tracking
- Develop tools, processes, and technology to support predictive analysis of adversaries and tactics based on vulnerabilities/exploits.
- Identify intelligence gaps and submit requests for information to fill gaps
- Conduct briefings as needed for a variety of levels of customers as requested (via either phone, video conference, webcast, in-person briefing, or industry conference)
Requirements
- Minimum of 2-3 years’ experience in a threat intelligence environment
- Motivated self-starter with experience in the cyber threat intelligence field, preferably with experience in researching and reporting on exploits and exploit behavior by adversaries
- Ability to produce quality finished intelligence products on short deadlines, as well as continuing to maintain analysis for and report on long term strategic assessments
- Knowledge of analytic tradecraft including the production of intelligence assessments
- Basic knowledge of how vulnerabilities are discovered and exploits are developed, (e.g. understanding of common remote network exploitation and/or local privilege escalation techniques)
- Ability to identify and track adversary tradecraft and trends for actors of all types
- Experience with technical indicators from malware, logs, and/or PCAP through leveraging resources for analysis of infrastructure, samples, and link analysis.
- Familiarity or aptitude to learn basic signature writing (e.g .YARA, Snort, Zeek etc.)
- Knowledge of operating system fundamentals (e.g. Windows, Linux, macOS) and networking concepts
- Desire to extend knowledge on intelligence tradecraft and technical terminology relevant to vulnerability intelligence, as well as provide assistance to other members of the intelligence team.
- Previous experience as an All-Source intelligence analyst at a national level intelligence organization (bonus)
- General understanding of network and host log analysis with a foundational knowledge of Incident Response (IR) processes and procedures (bonus)
- Familiarity with EDR and SIEM solutions (bonus)
- Experience using, developing, deploying and honeypots (bonus)
Tech Stack
- Linux
- MacOS
Benefits
- Market leader in compensation and equity awards
- Comprehensive physical and mental wellness programs
- Competitive vacation and holidays for recharge
- Paid parental and adoption leaves
- Professional development opportunities for all employees regardless of level or role
- Employee Networks, geographic neighborhood groups, and volunteer opportunities to build connections
- Vibrant office culture with world class amenities
- Great Place to Work Certified™ across the globe