CrowdStrike has redefined security with the world’s most advanced cloud-native platform that protects and enables the people, processes and technologies that drive modern enterprise. Tested and proven, the world's largest organizations trust CrowdStrike to stop breaches with unparalleled protection against the most sophisticated cyberattacks. The CrowdStrike culture has been built upon our Core Values since the day we began. We are Fanatical About the Customer, Relentlessly Focused on Innovation and believe that our Limitless Passion drives Unlimited Potential for every CrowdStriker. As a purpose-built remote-first company, we believe cultivating a connected culture for every employee, no matter where they are in the world, is a key ingredient in building a high-performing, diverse team. We don’t have a mission statement. We’re on a mission—to stop breaches. Ready to join a mission that matters?
Security Engineer - Vulnerability Detection
Location
California
Posted
99 days ago
Salary
$100K - $145K / year
Seniority
Senior
Job Description
Security Engineer - Vulnerability Detection
CrowdStrike
Title: Security Engineer - Vulnerability Detection (Hybrid) Location: Sunnyvale United States Job Description: As a global leader in cybersecurity, CrowdStrike protects the people, processes and technologies that drive modern organizations. Since 2011, our mission hasn't changed - we're here to stop breaches, and we've redefined modern security with the world's most advanced AI-native platform. We work on large scale distributed systems, processing almost 3 trillion events per day and this traffic is growing daily. Our customers span all industries, and they count on CrowdStrike to keep their businesses running, their communities safe and their lives moving forward. We're also a mission-driven company. We cultivate a culture that gives every CrowdStriker both the flexibility and autonomy to own their careers. We're always looking to add talented CrowdStrikers to the team who have limitless passion, a relentless focus on innovation and a fanatical commitment to our customers, our community and each other. Ready to join a mission that matters? The future of cybersecurity starts with you. About the Role: CrowdStrike is looking for a Vulnerability Detection Engineer for our Exposure Management group. This is an Individual Contributor role in the Exposure Management Content team responsible for researching, developing and delivering our Host and Network Vulnerability Assessment detections for CrowdStrike as also collaborating on the development of new features and technical solutions. This role is hybrid, requiring 2-3 days per week on-site at our Sunnyvale, CA office. This person would work closely with other internal teams and product management to understand the requirements and needs on Vulnerability Detection capabilities for the product. They will be technically involved in the capabilities for Exposure Management to detect, track, report and prioritize vulnerabilities on assets. Strong communication and organizational skills are essential. The successful candidate should have had experience within Exposure Management, Vulnerability Analysis and Detection and be able to develop detection pipelines for vulnerabilities and other threats. Work experience in the security industry is highly desirable, including a strong understanding of some of the current prevalent products in this space. What You'll Do: - Collaborate and lead a Team of Vulnerability Detection Engineers and Researchers to plan, coordinate and execute Vulnerability Detection Coverage for Exposure Management Supported Platforms - Participate and lead Company Thought Leadership efforts and guidance for analysis on prevalent vulnerabilities and Risk Based Vulnerability Management. - Vulnerability data discovery and validation (Data efficacy & Accuracy) - Collaborate with multi-functional teams across various physical locations including product management and other engineering disciplines. - Lead and manage other projects as assigned - AI-Enhanced Vulnerability Detection Research: Leverage generative AI tools to accelerate vulnerability analysis, proof-of-concept development, and detection rule creation while maintaining human oversight for validation and detection accuracy. - Intelligent Vulnerability Assessment Pipeline: Design and implement AI agent workflows to automate multi-step vulnerability validation processes (e.g., discovery, analysis, prioritization, remediation guidance) while ensuring human-in-the-loop verification for critical vulnerability detections and false positive reduction. What You'll Need: - Minimum 5 years of overall experience as an Individual Contributor. Experience in management and leadership roles is a plus. - Ability and desire to being hands on as well as empowering peers while collaborating across different functional areas and products - Ability to develop, coordinate and execute on an engineering roadmap - Ability to communicate and articulate crisply at all levels from executive staff to engineers - Ability to communicate, collaborate, and work effectively in a distributed team - Familiarity and experience with the Agile process - Experience in Cybersecurity Industry - Programming/scripting knowledge for automating day to day tasks - Python/ Perl, Golang. Required Skills: - Understanding of Vulnerabilities, mitigations and remediations - Understanding of Vulnerability and Software Detection techniques - Understanding of Vulnerability Prioritization Models - Experience with Security/Vulnerability detections development and release - Experience of Vulnerability Management product development - Experience designing and implementing validation workflows for Security Based products - Experience working in remote & distributed environments - Solid design and problem-solving skills with a demonstrated passion for engineering excellence, pragmatism, quality, security, and performance - Experience with Go and/or Python automation - Experience with AI/ML models is a plus #LI-AP1 #LI-AM1 #HTF Benefits of Working at CrowdStrike: - Market leader in compensation and equity awards - Comprehensive physical and mental wellness programs - Competitive vacation and holidays for recharge - Paid parental and adoption leaves - Professional development opportunities for all employees regardless of level or role - Employee Networks, geographic neighborhood groups, and volunteer opportunities to build connections - Vibrant office culture with world class amenities - Great Place to Work Certified across the globe CrowdStrike is proud to be an equal opportunity employer. We are committed to fostering a culture of belonging where everyone is valued for who they are and empowered to succeed. We support veterans and individuals with disabilities through our affirmative action program. CrowdStrike is committed to providing equal employment opportunity for all employees and applicants for employment. The Company does not discriminate in employment opportunities or practices on the basis of race, color, creed, ethnicity, religion, sex (including pregnancy or pregnancy-related medical conditions), sexual orientation, gender identity, marital or family status, veteran status, age, national origin, ancestry, physical disability (including HIV and AIDS), mental disability, medical condition, genetic information, membership or activity in a local human rights commission, status with regard to public assistance, or any other characteristic protected by law. We base all employment decisions--including recruitment, selection, training, compensation, benefits, discipline, promotions, transfers, lay-offs, return from lay-off, terminations and social/recreational programs--on valid job requirements. If you need assistance accessing or reviewing the information on this website or need help submitting an application for employment or requesting an accommodation, please contact us at recruiting@crowdstrike.com for further assistance. Find out more about your rights as an applicant. CrowdStrike participates in the E-Verify program. Notice of E-Verify Participation Right to Work CrowdStrike, Inc. is committed to fair and equitable compensation practices. Placement within the pay range is dependent on a variety of factors including, but not limited to, relevant work experience, skills, certifications, job level, supervisory status, and location. The base salary range for this position for all U.S. candidates is $100,000 - $145,000 per year, with eligibility for bonuses, equity grants and a comprehensive benefits package that includes health insurance, 401k and paid time off. For detailed information about the U.S. benefits package, please click here.
Related Guides
Related Categories
Related Job Pages
More Security Engineer Jobs
IT-Consultant - Security Engineer (m/w/x) - Microsoft Security & Infrastructure
Intercon Solutions GmbHWir verbinden IT Fach- und Führungskräfte und Unternehmen
Fully Remote möglich | Unbefristet Unser Klient ist ein großer, etablierter IT-Dienstleister mit einem breiten Leistungsportfolio und mehreren spezialisierten Geschäftsbereichen. Für eine fokussierte Security-Sparte wird ein IT-Consultant mit Schwerpunkt Security Engineering im Microsoft- und Infrastruktur-Umfeld gesucht. Aufgaben - Mitarbeit bei der Konzeption, Konfiguration und Einführung von IT-Security-Lösungen - Mitarbeit in nationalen und internationalen IT-Security-Projekten - Technische Planung und projektbezogene Vorbereitung von Security-Maßnahmen - Identifikation, Analyse und Bewertung von Security-Schwachstellen in Netzwerken und Anwendungen - Dokumentation, Priorisierung und Behebung identifizierter Schwachstellen - Zuarbeit und Unterstützung des Security Managements auf Kundenseite - Unterstützung interner Backoffice- und Security-Strukturen (z. B. SOC, Security Operations) Qualifikation - Gute Kenntnisse im Bereich IT-Security im Windows- und Infrastruktur-Umfeld - Erfahrung mit ESAE, ASAI und Enterprise Access Model - Kenntnisse der Microsoft Defender Produktfamilie von Vorteil - Erfahrung mit Tools wie ADAudit Plus, PingCastle, Schwachstellenscannern, PurpleKnight oder RuneCast wünschenswert - Idealerweise Zertifizierungen im Security- oder Microsoft-Umfeld - Eigenständige, strukturierte Arbeitsweise und professionelles Auftreten - Hohe Lernbereitschaft und Interesse an kontinuierlicher Weiterentwicklung - Freude an einem innovativen, flexiblen Arbeitsumfeld mit Gestaltungsspielraum Benefits - Fully-Remote-Arbeitsmodell (dauerhaft möglich) - Mitarbeit in einer hoch spezialisierten Security-Sparte eines großen IT-Dienstleisters - Spannende, abwechslungsreiche Projekte mit technischem Tiefgang - Attraktives Vergütungspaket inkl. zusätzlichem erfolgsabhängigen Jahresbonus - Strukturiertes, fundiertes Onboarding - Kollegiales, fachlich starkes Team mit Duz-Kultur ab dem ersten Tag - Praxisnahe Weiterbildungs- und Zertifizierungsmöglichkeiten - Regelmäßige Team- und Unternehmensevents - Umfangreiche Sozialleistungen - Flexible Arbeitszeitmodelle (Voll- oder Teilzeit) Interessiert? Wir freuen uns auf deine Bewerbung!
• Erstellen von IT-Security Konzepten und Unterstützung bei der Integration diverser Lösungen im laufenden Betrieb. • Unterstützung unserer Kunden bei der Auswahl geeigneter Security Lösungen/ Strategien. • Fokus auf „Endpoint Security”, XDR "SIEM", "Network Security" & "Cloud Security" SOC Services.
RMF and Cybersecurity Lead
AmyxAmyx is proud to be an Equal Opportunity Employer. All qualified candidates will be considered without regard to race, color, religion, national origin, age, disability, sexual orientation, gender identity, status as a protected veteran, or any other characteristic protected by law. Amyx is a VEVRAA federal contractor and we request priority referral of veterans. Physical Demands Employee needs to be able to sit at a workstation for extended periods; use hand(s) to handle or feel objects, tools, or controls; reach with hands and arms; talk and hear. Most positions require ability to work on desktop or laptop computer for extended periods of time reading, reviewing/analyzing information, and providing recommendations, summaries and/or reports in written format. Must be able to effectively communicate with others verbally and in writing. Employee may be required to occasionally lift and/or move moderate amounts of weight, typically less than 20 pounds. Regular and predictable attendance is essential.
Role Description Amyx is seeking to hire a RMF and Cybersecurity Lead to join our Defense client in O'Fallon, IL. This position will support RMF compliance, cybersecurity operations, and continuous monitoring. - Develops and maintains RMF artifacts (ATO/ATC, POA&Ms). - Supports vulnerability management and security audits. - Provides cybersecurity reporting and metrics. - Must be experienced in RMF compliance & documentation: - Develop/maintain documentation to obtain ATO/ATC. - Identify evidence/artifacts for A&A packages. - Manage RMF artifacts (risk acceptance memos, POA&Ms, etc.). - Update security documentation in eMASS or Government-selected tools. - Provide A&A metrics. - Continuous monitoring & vulnerability management: - Upload code/security scans/checklists. - Document AP/CCI mappings. - Track POA&Ms. - Audit POA&M items. - Validate privileged user accounts as needed. - Compliance auditing & PPSM: - Support PPSM registry activities. - Ensure declared PPSMs follow applicable instructions. - Support internal/external security audits (including financial/privacy audits). - Cybersecurity operations: - Log analysis. - Support control audits/assessments. - Assess security control effectiveness. - Develop metrics and security posture reporting. - Support change management review for security impacts. - Incident reporting awareness: align reporting actions with DFARS 252.204. - Must have the ability to communicate accurate information. Qualifications - Desired: Secret Clearance. - Must have one CE cert/certificate aligned to OS/tools/devices supported (categories include OS, network support/defense, cloud/virtualization, applications, etc.). - Required: - Experience supporting USTRANSCOM and working at USTC. - Experience supporting DoD. - Demonstrated experience producing recurring cybersecurity deliverables (POA&M status, compliance reports, hygiene/scorecards, risk assessments). - Familiarity with NIST 800‑171 SSP expectations (contractor System Security Plan requirement). Benefits - Medical, Dental, and Vision Plans (PPO & HSA options available). - Flexible Spending Accounts (Health Care & Dependent Care FSA). - Health Savings Account (HSA). - 401(k) with matching contributions. - Roth. - Qualified Transportation Expense with matching contributions. - Short Term Disability. - Long Term Disability. - Life and Accidental Death & Dismemberment. - Basic & Voluntary Life Insurance. - Wellness Program. - PTO. - 11 Holidays. - Professional Development Reimbursement. Company Description Amyx is proud to be an Equal Opportunity Employer. All qualified candidates will be considered without regard to race, color, religion, national origin, age, disability, sexual orientation, gender identity, status as a protected veteran, or any other characteristic protected by law. Amyx is a VEVRAA federal contractor and we request priority referral of veterans. Physical Demands - Employee needs to be able to sit at a workstation for extended periods. - Use hand(s) to handle or feel objects, tools, or controls. - Reach with hands and arms. - Talk and hear. - Most positions require ability to work on desktop or laptop computer for extended periods of time reading, reviewing/analyzing information, and providing recommendations, summaries and/or reports in written format. - Must be able to effectively communicate with others verbally and in writing. - Employee may be required to occasionally lift and/or move moderate amounts of weight, typically less than 20 pounds. - Regular and predictable attendance is essential.
Senior AI Security Assurance Engineer
Zoom Video CommunicationsZoom Video Communications was founded in 2011 to revolutionize the way teams communicate with its software-based conference room solution. Across all devices an
What you can expect We are seeking a Senior AI Security Assurance Engineer to lead the offensive verification of our AI systems and pipelines. This role will serve as the dedicated AI security lead within the Security Assurance organization, reporting directly to the Head of Security Assurance. While not a traditional covert red team position, the role requires similar deep adversarial thinking and the ability to evaluate AI systems with the mindset of a determined skeptic. Your mission: verify and innovate. You’ll be responsible for independently evaluating, challenging, and validating the security, safety, and integrity of all AI initiatives across the company, including AI embedded in products, internal AI use cases, training pipelines, model lifecycle management, and supporting infrastructure. This is not a compliance role, it’s a hands-on, experimental one. At Zoom, Security Assurance encompasses Offensive Security (product, infrastructure, hardware, red team), PSIRT, Product Vulnerability Management, and Bug Bounty. This role will also operate across all of these domains as the organization’s primary authority on AI-related risk and capabilities/implementation. You will be the AI expert in efforts to develop scalable, intelligent systems that automate and amplify Security Assurance at Zoom. You’ll both break and build, challenging assumptions in our AI infrastructure, features, and tools while creating tools to continuously expose and mitigate critical risk. About the Team The Security Assurance team at Zoom is an adversarial, high-leverage group focused on finding and reducing the company’s most critical security risks. We work from an attacker’s mindset and operate well beyond checklists, audits, and standard SDLC gates, targeting the vulnerabilities and systemic failures that escape existing controls. The team covers offensive security (vulnerability research, red teaming, hardware security), PSIRT, product vulnerability management, bug bounty, and emerging AI security. We apply deep technical rigor and clear risk judgment to drive concrete product and platform changes. We value evidence over assumptions and curiosity over comfort. This team is for truth-seekers who want their work to measurably reduce risk at global scale. Responsibilities - Leading adversarial verification of AI systems: Design and execute deep, unconstrained assessments of AI models, pipelines, and agents, testing guardrails, safety layers, and data boundaries through offensive experimentation. - Uncovering gaps between promise and practice: Identify where AI security, safety, or privacy controls fail under pressure. Surface the mismatch between claims and reality. - Assessing the full AI lifecycle: Evaluate data, training, and deployment pipelines for risks like model poisoning, prompt injection, or fine-tuning abuse. - Developing AI-powered security discovery systems: Research, prototype, and operationalize machine learning–driven approaches to automatically detect, predict, and prioritize vulnerabilities and behavioral deviations in Zoom’s products and platform. - Automating and scaling offensive operations: Build AI-based frameworks to scale red teaming, vulnerability discovery, and bug bounty triage. Use LLMs, anomaly detection, and pattern learning to enhance automation and coverage. - Adapting cutting-edge research: Integrate the latest findings from offensive security research, autonomous agents, and AI-driven vulnerability analysis into Zoom’s security assurance programs. - Shaping AI security methodologies: Build frameworks for continuous AI-driven adversarial testing, automated validation, and system monitoring that scale across teams and products. - Translating findings into impact: Communicate verified risks and systemic weaknesses clearly to engineering and leadership, pairing technical insight with strategic direction. - Staying ahead of the curve: Track evolving AI architectures, attack vectors, and defenses, turning new research into offensive and defensive capability. What we’re looking for - Have deep understanding of generative AI systems (transformers, diffusion models, multi-agent frameworks) and their security failure modes. - Have experience building or adapting novel AI/ML methods to real-world security problems. - Demonstrate proficiency in Python, ML frameworks (PyTorch, TensorFlow, Hugging Face, LangChain), and modern cloud/data environments. - Be skilled at uncovering the true behavior and limitations of AI and platform systems through experimentation, code review, and automated adversarial techniques. - Be skilled at setting direction, advising peers, and communicating high-impact risks to executives. - Be unafraid to challenge assumptions or expose uncomfortable truths in service of user and system safety. - Demonstrate experience in red teaming, exploit development, or vulnerability research. Salary Range or On Target Earnings: Minimum: $124 000,00 Maximum: $271 200,00 In addition to the base salary and/or OTE listed Zoom has a Total Direct Compensation philosophy that takes into consideration; base salary, bonus and equity value. Note: Starting pay will be based on a number of factors and commensurate with qualifications & experience. We also have a location based compensation structure; there may be a different range for candidates in this and other locations At Zoom, we offer a window of at least 5 days for you to apply because we believe in giving you every opportunity. Below is the potential closing date, just in case you want to mark it on your calendar. We look forward to receiving your application! Anticipated Position Close Date: 04/13/26 Ways of Working Our structured hybrid approach is centered around our offices and remote work environments. The work style of each role, Hybrid, Remote, or In-Person is indicated in the job description/posting. Benefits As part of our award-winning workplace culture and commitment to delivering happiness, our benefits program offers a variety of perks, benefits, and options to help employees maintain their physical, mental, emotional, and financial health; support work-life balance; and contribute to their community in meaningful ways. Click Learn for more information. About Us Zoomies help people stay connected so they can get more done together. We set out to build the best collaboration platform for the enterprise, and today help people communicate better with products like Zoom Contact Center, Zoom Phone, Zoom Events, Zoom Apps, Zoom Rooms, and Zoom Webinars. We’re problem-solvers, working at a fast pace to design solutions with our customers and users in mind. Find room to grow with opportunities to stretch your skills and advance your career in a collaborative, growth-focused environment. Our Commitment At Zoom, we believe great work happens when people feel supported and empowered. We’re committed to fair hiring practices that ensure every candidate is evaluated based on skills, experience, and potential. If you require an accommodation during the hiring process, let us know—we’re here to support you at every step. If you need assistance navigating the interview process due to a medical disability, please submit an Accommodations Request Form and someone from our team will reach out soon. This form is solely for applicants who require an accommodation due to a qualifying medical disability. Non-accommodation-related requests, such as application follow-ups or technical issues, will not be addressed. #LI-Remote



