• Analyze complex information systems to understand associated cybersecurity risks and provide proactive identification of security events. • Conduct hypothesis-driven threat hunts, detect suspicious activity, and support the identification and investigation of potential security incidents. • Partner with SOC and incident response teams to validate findings, document outcomes, and recommend improvements to monitoring coverage and investigative processes. • Contribute to insider threat monitoring by identifying anomalous user behavior, credential misuse, and suspicious data access or movement patterns, escalating concerns through appropriate channels.

As a global leader in cybersecurity, CrowdStrike protects the people, processes and technologies that drive modern organizations. Since 2011, our mission hasn’t changed — we’re here to stop breaches, and we’ve redefined modern security with the world’s most advanced AI-native platform. Our customers span all industries, and they count on CrowdStrike to keep their businesses running, their communities safe and their lives moving forward. We’re also a mission-driven company. We cultivate a culture that gives every CrowdStriker both the flexibility and autonomy to own their careers. We’re always looking to add talented CrowdStrikers to the team who have limitless passion, a relentless focus on innovation and a fanatical commitment to our customers, our community and each other. Ready to join a mission that matters? The future of cybersecurity starts with you. About Product Group: The CrowdStrike Malware Research Center is the core of Falcon’s malware detection and response capabilities. The team has a focus on understanding the threat landscape and sets the target for what Falcon should be identifying and preventing. Additionally, the MRC is responsible for understanding our capabilities, and mapping how well our machine learning and behavioral protection capabilities are doing against those threats. Where there is a gap, the MRC takes action to improve our detection stance, and improve our overall protection story. MRC also performs pathfinding research to enable technology development using innovation, prototyping and bleeding edge machine learning to support our flagship Falcon product. There are many parts of CrowdStrike working towards protecting customer environments, and the MRC works across all of them to ensure we are on target and providing the best protection for our current Threat landscape. About the Role: Leading the charge for understanding the activity of malware today is the Threat Research team. With a focus on malware research, the primary role of the team is to understand relevant threats and techniques used in malware that are threatening our customer’s business. The challenge is the enormous scale of malware today and sheer number of samples required to be addressed. This takes a more creative approach than traditional Anti-Virus research, focusing on one sample at a time. The modern threat lab requires an economy of scale through automation and machine learning to allow people to focus on new learnings, and let systems continue to identify malware based on what the team has learned. What You’ll Do: The Threat Reseacher will take input from many sources and validate if those threats are something Falcon can mount an effective defense against. The analysis can range from simple execution and review of the behaviors to reverse engineering. As Falcon is first a behavior based system, understanding how the threat is working and what it is doing to interact with the host environment can be important. The Threat Analyst will be expected to use the appropriate technique to efficiently understand the threat to identify how to best mitigate it. The Threat Analyst will work with other stakeholders and create automations for processing large numbers of samples. The analyst needs to have a good understanding of various file formats and familiarity with unpacking of common packers. Additionally, this role will be looked on as the go to person when the team needs to quickly process a large amount of samples with custom parsers or create custom file type specific processing workflows. Leaning on a proven track record of threat analysis, the successful candidate will be comfortable working to focus on the appropriate threats and identifying automation opportunities. As the gateway to the response organization for many new threats, good cross team collaboration skills are important. Clear, effective communication of technical details in a means which is actionable is the key to success. Another aspect of the position is to define and automate processes to reduce time and manual effort in the analysis of threats. Like communicating the threat details, prioritizing automation tasks and features will help define success of the role. The analyst needs to understand the bigger picture of threat analysis and work with stakeholders to reduce manual steps. The team will look to the successful candidate to help define and prioritize the roadmap for analysis automation and implementation. These are the tools and systems which will ultimately automate manual data collection so more time can be spent on understanding the threat. What You’ll Need: - Bachelors or Masters in Computer Science or comparable field. - 8+ year’s experience in the threat research field with a focus on malware analysis and research automations. - Knowledge of various executable file formats and ability to create parsers is a must. - Experience in one or more high level programming languages (Python, Go, Rust, etc.) is preferred - Experience in working with relational and non-relational/NoSQL databases technologies like MySQL, Cassandra, ElasticSearch is a plus. - Some experience with building scalable sample processing solutions. - A reasonable level of proficiency in static and behavioral analysis of Malware. - A working knowledge of Malware Sandboxing technology, AMSI, ETW and API hooking work is a plus. #LI-VJ1 #LI-Remote Benefits of Working at CrowdStrike: - Market leader in compensation and equity awards - Comprehensive physical and mental wellness programs - Competitive vacation and holidays for recharge - Paid parental and adoption leaves - Professional development opportunities for all employees regardless of level or role - Employee Networks, geographic neighborhood groups, and volunteer opportunities to build connections - Vibrant office culture with world class amenities - Great Place to Work Certified™ across the globe CrowdStrike is proud to be an equal opportunity employer. We are committed to fostering a culture of belonging where everyone is valued for who they are and empowered to succeed. We support veterans and individuals with disabilities through our affirmative action program. CrowdStrike is committed to providing equal employment opportunity for all employees and applicants for employment. The Company does not discriminate in employment opportunities or practices on the basis of race, color, creed, ethnicity, religion, sex (including pregnancy or pregnancy-related medical conditions), sexual orientation, gender identity, marital or family status, veteran status, age, national origin, ancestry, physical disability (including HIV and AIDS), mental disability, medical condition, genetic information, membership or activity in a local human rights commission, status with regard to public assistance, or any other characteristic protected by law. We base all employment decisions--including recruitment, selection, training, compensation, benefits, discipline, promotions, transfers, lay-offs, return from lay-off, terminations and social/recreational programs--on valid job requirements. If you need assistance accessing or reviewing the information on this website or need help submitting an application for employment or requesting an accommodation, please contact us at recruiting@crowdstrike.com for further assistance.

As a global leader in cybersecurity, CrowdStrike protects the people, processes and technologies that drive modern organizations. Since 2011, our mission hasn’t changed — we’re here to stop breaches, and we’ve redefined modern security with the world’s most advanced AI-native platform. Our customers span all industries, and they count on CrowdStrike to keep their businesses running, their communities safe and their lives moving forward. We’re also a mission-driven company. We cultivate a culture that gives every CrowdStriker both the flexibility and autonomy to own their careers. We’re always looking to add talented CrowdStrikers to the team who have limitless passion, a relentless focus on innovation and a fanatical commitment to our customers, our community and each other. Ready to join a mission that matters? The future of cybersecurity starts with you. About the Role: As a Senior Threat Researcher, you will be a technical leader and subject matter expert within the Threat Research team, driving innovation in threat detection and response capabilities. This is an individual contributor position focused on technical excellence and thought leadership, requiring deep expertise in reverse engineering, malware analysis, and automation. You will take ownership of the most complex threats facing CrowdStrike customers, architect scalable automation solutions, and serve as a technical mentor to researchers across all experience levels. Your work will directly influence the direction of threat research methodologies, tooling, and detection strategies that protect millions of endpoints worldwide. About the team: The CrowdStrike Malware Research Center is the core of Falcon's malware detection and response capabilities. The team has a focus on understanding the threat landscape and sets the target for what Falcon should be identifying and preventing. Additionally, the MRC is responsible for understanding our capabilities, and mapping how well our machine learning and behavioral protection capabilities are doing against those threats. Where there is a gap, the MRC takes action to improve our detection stance, and improve our overall protection story. MRC also performs pathfinding research to enable technology development using innovation, prototyping and bleeding edge machine learning to support our flagship Falcon product. There are many parts of CrowdStrike working towards protecting customer environments, and the MRC works across all of them to ensure we are on target and providing the best protection for our current Threat landscape. Leading the charge for understanding the activity of malware today is the Threat Research team. With a focus on malware research, the primary role of the team is to understand relevant threats and techniques used in malware that are threatening our customer's business. The challenge is the enormous scale of malware today and sheer number of samples required to be addressed. This takes a more creative approach than traditional Anti-Virus research, focusing on one sample at a time. The modern threat lab requires an economy of scale through automation and machine learning to allow people to focus on new learnings, and let systems continue to identify malware based on what the team has learned. What You'll Do: - Take ownership of critical technical initiatives and architect scalable automation solutions for malware analysis at scale - Serve as a technical mentor to researchers across all experience levels, helping to elevate team capabilities through knowledge sharing and technical guidance - Work independently on the most challenging and complex threats, performing deep reverse engineering and analysis - Collaborate cross-functionally with Engineering, Product, and Detection teams to translate research findings into production capabilities - Design proof-of-concept automation solutions and effectively hand off to engineering teams for production implementation - Directly influence the direction of threat research methodologies, tooling, and detection strategies across the organization - Drive technical excellence and thought leadership within the team, setting standards for analysis quality and automation practices - Build and optimize scalable automation pipelines, including integration with sandbox environments, YARA rule generation, and threat intelligence platforms - Produce high-quality technical documentation and reports that effectively communicate complex technical concepts to diverse audiences What You'll Need: - Bachelor's or Master's degree in Computer Science or comparable field - 12+ years of experience in the threat research field with a focus on malware analysis and reverse engineering - Strong reverse engineering skills on file-based threats, with demonstrated ability to deliver high-quality, in-depth analysis - Solid proficiency in disassembly and deep understanding of structured programming, compiler behaviors, and binary analysis techniques. Experience with reverse engineering tools such as IDA Pro, Ghidra, Binary Ninja, x64Dbg, or similar platforms - Experience in using machine learning and artificial intelligence for static and dynamic threat detection, including understanding of ML pipelines and model deployment in production environments - Strong understanding of file formats for compiled code and scripted files, with ability to analyze and contribute to parsers and feature extraction tools - Proficiency in multiple programming languages such as Python, Go, Rust, C++, or similar, with demonstrated ability to build production-quality automation tools and systems - Deep familiarity with multiple major Operating Systems (Windows, Linux, Mac), with in-depth knowledge of OS internals, kernel behaviors, and how host systems function at a technical level - Experience working with large data sets using tools like Splunk, ElasticSearch-Kibana, or similar platforms, along with knowledge of relational (MySQL, PostgreSQL) and non-relational/NoSQL databases (MongoDB, Cassandra, ElasticSearch) - Experience in building scalable automation pipelines for malware analysis, including integration with sandbox environments, YARA rule generation, and threat intelligence platforms - Deep working knowledge of malware-based automation workflows and techniques, with demonstrated ability to architect end-to-end automation solutions - Strong understanding of MITRE ATT&CK framework to describe and categorize threat behaviors - Strong technical communication and writing skills with ability to articulate complex technical concepts clearly and concisely to both technical and non-technical audiences - Track record of mentoring and providing technical guidance to researchers at all levels - Ability to influence technical direction and research strategy through deep expertise and thought leadership Bonus Points: - Experience leveraging Generative AI and Large Language Models for threat research automation workflows, including malware analysis, report generation, and threat intelligence synthesis - Proven ability to design and implement AI-powered automation solutions that enhance team productivity and scale threat research capabilities - Understanding of prompt engineering, AI model integration, and the application of GenAI tools in cybersecurity contexts - Proficiency in data visualization and statistical analysis techniques for threat intelligence and research insights - Additional reverse engineering expertise around file-less threats, exploits, rootkits, and advanced attack techniques - Experience working with certification partners like AV-Test, AV-Comparatives, SE Labs LI-VJ1 LI-Remote Benefits of Working at CrowdStrike: - Market leader in compensation and equity awards - Comprehensive physical and mental wellness programs - Competitive vacation and holidays for recharge - Paid parental and adoption leaves - Professional development opportunities for all employees regardless of level or role - Employee Networks, geographic neighborhood groups, and volunteer opportunities to build connections - Vibrant office culture with world class amenities - Great Place to Work Certified™ across the globe CrowdStrike is proud to be an equal opportunity employer. We are committed to fostering a culture of belonging where everyone is valued for who they are and empowered to succeed. We support veterans and individuals with disabilities through our affirmative action program. CrowdStrike is committed to providing equal employment opportunity for all employees and applicants for employment. The Company does not discriminate in employment opportunities or practices on the basis of race, color, creed, ethnicity, religion, sex (including pregnancy or pregnancy-related medical conditions), sexual orientation, gender identity, marital or family status, veteran status, age, national origin, ancestry, physical disability (including HIV and AIDS), mental disability, medical condition, genetic information, membership or activity in a local human rights commission, status with regard to public assistance, or any other characteristic protected by law. We base all employment decisions--including recruitment, selection, training, compensation, benefits, discipline, promotions, transfers, lay-offs, return from lay-off, terminations and social/recreational programs--on valid job requirements. If you need assistance accessing or reviewing the information on this website or need help submitting an application for employment or requesting an accommodation, please contact us at recruiting@crowdstrike.com for further assistance.

Dragos is on a relentless mission to defend industrial organizations that provide us with the necessities of modern civilization; running water, functioning electricity, and safe industrial working environments. As the market leader in ICS/OT Cybersecurity, we are dedicated to arming our customers with best-in-class technology, threat intelligence, and services to protect their systems as effectively and efficiently as possible. We’re a remote-first culture with operations in North America, Europe, the Middle East, and APAC. We’re looking for mission-oriented teammates who embody our core values of authenticity, transparency, and trust. Are you ready to make a difference? Come join a mission that can save the world! About the Role: As a Senior OT Threat Hunter on the OT Watch team, you will play a key role in delivering Dragos’ proactive threat hunting service, focused on identifying adversary activity within customer OT environments using the Dragos Platform. Leveraging deep visibility into OT networks and your industrial domain expertise, you will uncover sophisticated threats and help drive continuous improvements to the threat hunting program. You will independently lead hunt operations, serve as an escalation point for the team, and collaborate closely with Intelligence, Services, Product, and Engineering partners to enhance detections and overall capabilities. You will also act as a trusted advisor to customers during critical security events, providing clear, actionable guidance grounded in technical analysis. Responsibilities: - Lead independent, hypothesis‑driven threat hunting operations across customer ICS/OT environments, investigating suspicious network behaviors to identify adversaries, anomalies, and misconfigurations. - Serve as the primary escalation point for high‑severity events detected in the Dragos Platform, guiding OT Hunters and Security Analysts through triage, analysis, and response. - Communicate critical findings directly to customers, providing clear, actionable remediation guidance and confidently addressing technical questions during security events. - Tune and optimize Dragos Platform configurations and distributed hunt profiles to improve detection fidelity, reduce noise, and validate detection triggers based on operational findings. - Develop and refine original hunt hypotheses, content, and workflows, and provide structured feedback to Detection Engineering and Intelligence teams to enhance detections, IOCs, and threat intelligence outputs. - Contribute to operational reporting and incident summaries, support custom reporting needs, and mentor junior team members to promote technical rigor, knowledge sharing, and continuous improvement across the team. Qualifications: - 5+ years of experience in threat hunting, security monitoring, or incident response within ICS/OT environments. - Strong understanding of networking concepts (e.g., TCP/IP, firewalls, DNS, packet analysis) and OT-specific protocols (e.g., Modbus, DNP3, Ethernet/IP). - Experience with PCAP analysis, IDS/IPS, SIEM platforms, or other network traffic analysis tools in an OT context. - Deep familiarity with adversary tactics, techniques, and procedures (TTPs) relevant to OT environments, including MITRE ATT&CK for ICS. - Familiarity with threat intelligence workflows, including consumption and feedback loops with intelligence and detection engineering teams. - Proven ability to communicate complex security findings to clients and internal stakeholders, both verbally and in writing. - Experience acting as a technical escalation point or senior contributor in a security operations or threat hunting context. - Ability to work independently and lead efforts in a remote, distributed team environment. Compensation: - Salary: 150,000 AUD - Competitive Equity Package - Comprehensive Benefits Plan #LI-JF1 #LI-REMOTE Dragos is an Equal Opportunity Employer and considers applicants for employment without regard to race, color, religion, sex, orientation, national origin, age, disability, genetics, or any other basis forbidden under federal, state, or local laws. All new hires must pass a background check as a condition of employment.