Internal Investigations Analyst - SkillBridge (Remote) at CrowdStrike, Inc. in Sunnyvale, California
Posted in Other 7 days ago.
Job Description:
CrowdStrike, Inc.Full time
R21760
About The Role:
This Job Description is for DoD SkillBridge participation and is not eligible for direct hire.
CrowdStrike is looking for a highly motivated, self-driven Internal Investigations Analyst to support the Internal Risk Program via triage and investigation of detections and take action as appropriate (e.g. live response, containment, escalation, etc). This role is within our CSIRT team and is a remote position available to qualifying service members currently residing in the US.
CrowdStrike’s DoD SkillBridge / Career Skills Program (CSP) Internship is an approved SkillBridge Program under Dept. of Defense Instruction 1322.29 as enacted by 10 U.S.C. Sec 1143. Eligibility is restricted to members of the U.S. Armed Forces separating honorably with greater than 180 days of continuous Active Duty. SkillBridge/CSP period of eligibility is within the final 180 days of Active Duty service, and the SkillBridge/CSP must be completed prior to separation from Active Duty in the U.S. Armed Forces.
CrowdStrike’s DoD SkillBridge/CSP Internship is open to members of all services, and all ranks and experience levels. Service members should fully review SkillBridge/CSP Job Description for requirements and qualifications of the individual position.
SkillBridge participants participate in full time training with industry (40-hour work week) under permissive temporary duty military orders and are not eligible for compensation from CrowdStrike during SkillBridge participation, but will continue to receive all military wages and benefits as defined by the Department of Defense.
DoD SkillBridge/CSP is fully compliant with FLSA, DBA, SCA, CSHSSA and all other pertinent Federal and State labor laws. For more employer information regarding DoD SkillBridge/CSP, please visit the Department of Defense DoD SkillBridge website at https://skillbridge.osd.mil/
What You’ll Do:
Participate in confidential insider risk investigations
Create and implement insider risk related detections
Perform detailed and comprehensive investigations, reviewing data from multiple data sources to include, but not limited to, network, host, and open source
Communicate with end users regarding potential policy violations when appropriate
Assist in data recovery efforts through the creation of comprehensive intelligence reports on an as-needed basis
Provide senior leadership and executive level staff with complex information in a clear and concise manner regarding active investigations on an as-needed basis
Handling confidential or sensitive information with appropriate discretion
Assist in regular and sustained alert tuning efforts to minimize false positive results
Ensure that all investigations are properly documented and tracked in appropriate case management systems
Support Incident Response lifecycle via triage and investigation of detections and action as appropriate (e.g. live response, containment, escalation, etc.)
Develop detection criteria across a broad range of technologies and log sources
Identify coverage and efficiency gaps in available data and tooling
Provide information security reporting including security metrics as required
Participate in incident response and manage escalations as needed
Provide after-hours support on an on-demand basis
Drive efficient process development and documentation for all aspects of the Incident Response lifecycle
What You’ll Need:
Experience with data classification or risk scoring methodologies
Excellent verbal and written communication skills with a strong emphasis on attention-to-detail
Ability to manage multiple investigations simultaneously
Ability to work both independently as well as coordinate with multiple internal departments and Insider Risk Team members as needed
Experience responding to security events, including front-line analysis and escalation, of hacktivist, cybercrime, and APT activity
Theoretical and practical knowledge with Mac, Linux, and Windows operating systems
Theoretical and practical knowledge with TCP/IP networking and application layers
Experience with access/application/system log analysis, IDS/IPS alerting and data flow, and SIEM-based workflows
Experience with security data collection, processing, and correlation
Additionally, all candidates must possess the following qualifications:
Capable of completing technical tasks without supervision
Desire to grow and expand both technical and soft skills
Strong project management skills
Contributing thought leader within the incident response industry
Ability to foster a positive work environment and attitude
Requirements:
Meets DoD SkillBridge Qualifications
Current Active Duty Service Member
Available to participate 90-180 days
This role is only open to US citizens and Green Card holders
Preferred Skills:
Scripting experience highly desirable (Python, Perl, Bash, Power Shell, etc.)
Experienced user of Splunk
Experience with host and network forensics
Experience with basic static and behavioral malware analysis
Previous project management experience desirable
Education:
Pursuing an undergraduate degree or direct experience in information security, information systems, or computer science
Applicable security certifications (GCIA, GCIH, GCFA, GNFA, etc.)
US Citizenship required due to direct work related to GovCloud
Bonus Points:
Scripting experience highly desirable (Python, Perl, Bash, PowerShell, SQL, etc.)
Experienced user of Splunk
Experience with host and network forensics
Experience with basic static and behavioral malware analysis
Experience with user behavior analytics and profiling tools or methodologies
Experience with DLP tooling
Experience in creating and tuning alert or query logic to provide greater fidelity and eliminate false positives
Experience in data loss prevention, data classification, and knowledge of common data loss vectors
#LI-Remote
#LI-AM2
CrowdStrike is proud to be an equal opportunity and affirmative action employer. We are committed to fostering a culture of belonging where everyone is valued for who they are and empowered to succeed. Our approach to cultivating a diverse, equitable, and inclusive culture is rooted in listening, learning and collective action. By embracing the diversity of our people, we achieve our best work and fuel innovation - generating the best possible outcomes for our customers and the communities they serve.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. If you need assistance accessing or reviewing the information on this website or need help submitting an application for employment or requesting an accommodation, please contact us at recruiting@crowdstrike.com for further assistance.
Equal employment opportunity, including veterans and individuals with disabilities.
PI266058036
More jobs in Sunnyvale, California
|
Walmart
$117,000.00 - $234,000.00 per year
|
|
Walmart
$169,000.00 - $338,000.00 per year
|
|
Walmart
$117,000.00 - $234,000.00 per year
|
More jobs in Other
|
Snapon |
|
Nucor Corporation
$90,398.00 - $121,143.00 per year
|
|
Nucor Corporation
$20.00 - $32.99 per hour
|