Threat Researcher - Pune, Maharashtra, India - CrowdStrike

CrowdStrike

Verified Company

Pune, Maharashtra, India

1 week ago

Posted by:

Deepika Kaur

beBee Recuiter

Description

#WeAreCrowdStrike and our mission is to stop breaches. As a global leader in cybersecurity, our team changed the game. Since our inception, our market leading cloud-native platform has offered unparalleled protection against the most sophisticated cyberattacks. We're looking for people with limitless passion, a relentless focus on innovation and a fanatical commitment to the customer to join us in shaping the future of cybersecurity. Consistently recognized as a top workplace, CrowdStrike is committed to cultivating an inclusive, remote-first culture that offers people the autonomy and flexibility to balance the needs of work and life while taking their career to the next level. Interested in working for a company that sets the standard and leads with integrity? Join us on a mission that matters - one team, one fight.

About the Role:
Leading the charge for understanding the activity of malware today is the Threat Research team.

With a focus on malware research, the primary role of the team is to understand relevant threats and techniques used in malware that are threatening our customer's business.

The challenge is the enormous scale of malware today and sheer number of samples required to be addressed. This takes a more creative approach than traditional Anti-Virus research, focusing on one sample at a time.

The modern threat lab requires an economy of scale through automation and machine learning to allow people to focus on new learnings, and let systems continue to identify malware based on what the team has learned.

About Product Group:
The CrowdStrike Malware Research Center is the core of Falcon's malware detection and response capabilities.

The team has a focus on understanding the threat landscape and sets the target for what Falcon should be identifying and preventing.

Additionally, the MRC is responsible for understanding our capabilities, and mapping how well our machine learning and behavioral protection capabilities are doing against those threats.

Where there is a gap, the MRC takes action to improve our detection stance, and improve our overall protection story.

MRC also performs pathfinding research to enable technology development using innovation, prototyping and bleeding edge machine learning to support our flagship Falcon product.

There are many parts of CrowdStrike working towards protecting customer environments, and the MRC works across all of them to ensure we are on target and providing the best protection for our current Threat landscape.

What You'll Do:

The Threat Analyst will take input from many sources and validate if those threats are something Falcon can mount an effective defense against.
The analysis can range from simple execution and review of the behaviors to reverse engineering.
As Falcon is first a behavior based system, understanding how the threat is working and what it is doing to interact with the host environment can be important.
The Threat Analyst will be expected to use the appropriate technique to efficiently understand the threat to identify how to best mitigate it.
The Threat Analyst will work with other stakeholders and create automations for processing large numbers of samples.
The analyst needs to have a good understanding of various file formats and familiarity with unpacking of common packers.
As the gateway to the response organization for many new threats, good cross team collaboration skills are important.
Clear, effective communication of technical details in a means which is actionable is the key to success.
Automate processes to reduce time and manual effort in the analysis of threats.
The analyst needs to understand the bigger picture of threat analysis and work with stakeholders to reduce manual steps.
This role will be looked on as the go to person when the team needs to quickly process a large amount of samples with custom parsers or create custom file type specific processing workflows.

What You'll Need:

Bachelors or Masters in Computer Science or comparable field. 10+ year's experience in the threat research field with a focus on malware analysis and research automations.
Knowledge of various executable file formats and ability to create parsers is a must.
Experience in one or more high level programming languages (Python, Go, Rust, etc.) is preferred
Experience in working with relational and nonrelational/NoSQL databases technologies like MySQL, Cassandra, ElasticSearch is a plus.
Some experience with building scalable sample processing solutions.
A reasonable level of proficiency in static and behavioral analysis of Malware.
A working knowledge of Malware Sandboxing technology, AMSI, ETW and API hooking work is a plus.

LI-VJ1

LI-Remote

Benefits of Working at CrowdStrike:

Remotefirst culture
Market leader in compensation and equity awards with option to participate in ESPP in eligible countries
Competitive vacation and flexible working arrangements
Physical and mental wellness programs
Paid par