CrowdStrike is a global leader in cybersecurity, dedicated to stopping breaches with their advanced AI-native platform. The Red Team TechOps Engineer will support Professional Services Red Team activities, focusing on enhancing operational capabilities and developing testing systems for decision support.
Responsibilities:
- Build and maintain product testing systems that generate data for a decision support system
- Actively use systems to provide bespoke tactical intelligence to operators on engagements
- Respond to regular product updates to ensure capabilities are functional and resilient
- Development tasks that are both malware-oriented and platform-oriented
- Programming for Windows, Linux, and macOS platforms (user- and kernel-mode)
- Programming related to event streaming, telemetry post-processing, and build engineering
- Provide development and infrastructure support to improve overall offensive capabilities
- Review analytics data from sensors to guide the development of offensive tradecraft
- Develop initial access and post-exploitation capabilities (some evasive, some noisy)
- Contribute to capabilities to enhance operator decision making
- Proactively identify opportunities to improve workflows and processes
- Document completed development projects for operational use
- Share responsibilities on administration and infrastructure
Requirements:
- Strong problem solving and critical thinking skills
- Excellent oral and written communication skills in English
- 3+ years of relevant engineering experience (some skills will be learned on the job)
- Ability to recognize and demonstrate that stealth is relative
- Ability to factor in human cognition when developing technical bypasses (e.g. reflexive control, IPB)
- Ability to maintain discretion related to sensitive work (both internally and externally)
- Ability to be receptive to peer review and conform to project-specific conventions
- Ability to explain topics you are familiar with at different abstraction levels
- Ability to manage development projects from conception to ongoing maintenance
- Ability to handle high pressure situations in a productive and professional manner
- Ability to simultaneously consider multiple (sometimes opposing) perspectives
- Ability to apply best practices (but flexible to bend conventions when appropriate)
- Ability to form conclusions driven by data and evidence, in addition to intuition
- Interest in knowing something about everything, and everything about something
- Interest in modeling decision-making processes used for selecting TTPs is a plus
- Interest in understanding adversary emulation beyond the execution of cyber TTPs
- Interest in understanding the dual-use nature of arbitrary technologies
- Interest in developing solutions with a systems thinking approach
- Interest in integrating knowledge from various non-cybersecurity domains is a plus
- Interdisciplinary educational background (outside of cybersecurity) is a plus
- Passion for understanding and developing solutions that require a broad range of skills (from ASM to ML). You are not required to be an expert in every skill, but you should maintain an interest in how they are connected