Senior Security Researcher, TAC Cloud

🕒 May 7

🗣️🇺🇸🇬🇧 English required

CrowdStrike

5001 - 10000 employees

Founded in 2011

Cybersecurity • SaaS • Artificial Intelligence

CrowdStrike is a cybersecurity company that provides cloud security services to stop breaches. It is recognized as a leader in endpoint protection, identity and cloud security, and managed detection and response (MDR). CrowdStrike's platform, Falcon, integrates artificial intelligence to provide real-time visibility, detection, and protection against sophisticated cyber threats. The company is praised for its effectiveness in protecting networks and data, making it a trusted partner for businesses worldwide.

Description

• Technical Analysis: Reconstruct, investigate, and track cloud intrusions leveraging cloud service provider activity logs (AWS CloudTrail, Azure Activity Logs) and document findings
• Enhance understanding of observed cloud activity by reproducing the activity in a test cloud environment
• Create tools to automate analysis tasks and tracking of threat actors
• Write cloud-activity-based (KQL, Amazon Athena), host-based (Yara) and network-based (Snort/Suricata) signatures suited for large-scale hunting, detection, and tracking of threats
• Perform a technical analysis and reverse engineering of tools related to threat activity within the cloud environment or as part of cloud-conscious intrusions
• Intelligence Reporting: Produce high-quality, actionable intelligence reporting
• Collaborate with our interdisciplinary team to coordinate adversary and campaign tracking, and to provide support to teams developing mitigation strategies and responding to incidents

🎯 Requirements

• Understanding of cloud security concepts, in particular identity and access management (IAM)
• Ability to reconstruct incidents based on cloud activity logs from at least one major cloud service provider (AWS, Azure, or GCP)
• Ability to express complex technical and non-technical concepts in written, verbal and graphical products for all levels of readership, including actionable mitigation and detection guidance
• Knowledge of programming and scripting languages, in particular Python
• Knowledge of reverse engineering tools (disassemblers, decompilers, debuggers) and processes (unpacking malware, reconstructing code logic, etc.)
• Ability to identify and classify malicious tooling through development of signatures that can be used for tracking and hunting purposes
• Ability to interpret raw network data and to develop network signatures, as well as custom protocol decoders and decryption tools
• Be a team player
• Bonus Points: Experience developing detections with KQL and Amazon Athena
• Proven track record of relevant experience in the cloud security field
• A background in intelligence is a plus
• Relevant cloud certifications are a plus

🏖️ Benefits

• Market leader in compensation and equity awards
• Comprehensive physical and mental wellness programs
• Competitive vacation and holidays for recharge
• Paid parental and adoption leaves
• Professional development opportunities for all employees regardless of level or role
• Employee Networks, geographic neighborhood groups, and volunteer opportunities to build connections
• Vibrant office culture with world class amenities
• Great Place to Work Certified™ across the globe
