Lead Threat Hunter (Remote)

As a global leader in cybersecurity, CrowdStrike protects the people, processes and technologies that drive modern organizations. Since 2011, our mission hasn't changed - we're here to stop breaches, and we've redefined modern security with the world's most advanced AI-native platform. Our customers span all industries, and they count on CrowdStrike to keep their businesses running, their communities safe and their lives moving forward. We're also a mission-driven company. We cultivate a culture that gives every CrowdStriker both the flexibility and autonomy to own their careers. We're always looking to add talented CrowdStrikers to the team who have limitless passion, a relentless focus on innovation and a fanatical commitment to our customers, our community and each other. Ready to join a mission that matters? The future of cybersecurity starts with you.

• Lead and define organizational threat hunting strategy
• Guide and mentor junior threat hunters
• Provide technical leadership and expertise to the Incident Response team
• Design and implement structured hunting frameworks
• Prioritize hunting operations based on threat intelligence and risk
• Measure and report on program effectiveness
• Champion agile project management fundamentals for hunting initiatives

• Develop detection patterns across different technologies and log sources
• Triage detections to identify and remediate threats, including containment and live response
• Execute structured threat hunting missions using hypothesis-driven approaches
• Create and implement custom hunting queries and detection logic
• Leverage structured analytic techniques and MITRE ATT&CK framework to track adversarial behavior

• Participate in incident response activities, providing technical expertise
• Offer on-demand after-hours support for critical security incidents
• Collaborate with cross-functional teams on threat mitigation
• Transform hunt findings into actionable incident response procedures
• Develop threat hunting use cases based on incident response findings

• Identify coverage gaps and optimize security data and tooling
• Prepare and present hunting metrics to technical and executive stakeholders
• Utilize OSINT and closed intelligence sources for threat analysis
• Maintain comprehensive hunt documentation and knowledge base
• Develop and maintain hunting dashboards for program visibility

• Engineer and tune security detections for SOAR, SIEM, and TIP
• Develop and maintain custom hunting tools and scripts
• Integrate hunting capabilities into existing security stack
• Automate routine hunting tasks and data collection

• Partner with key stakeholders (Networking, Infrastructure, DevOps)
• Coordinate threat management approaches across security teams
• Present findings and recommendations to various audience levels
• Drive continuous improvement through knowledge sharing and innovation

• Bachelor's degree (or equivalent experience) in a computer-related field
• 8+ years of progressive experience in Information Security, Threat Hunting, or related roles
• US Citizenship required due to direct work on GovCloud

• Proven understanding of the MITRE ATT&CK framework, Diamond Model, and Cyber Kill
• Chain
• Experience analyzing raw data from security controls (web proxy, firewalls, IPS, IDS, antivirus)
• Proficiency with SIEM, SOAR, TIP integrations, and link analysis tools
• Strong IT background (networking fundamentals, systems) and expertise with OSX, Linux, and Windows
• Significant experience with system/application log analysis and security data correlation

• Effective communication skills in English (verbal and written)
• Excellent investigative, analytical, and problem-solving abilities
• Ability to maintain strict confidentiality and operate independently in high-pressure situations

• Scripting knowledge (e.g., Python, Perl, Bash, PowerShell)
• Familiarity with Splunk or other advanced SIEM platforms
• Experience with host and network forensics
• Background in malware analysis
• Familiarity with agile project management and compliance frameworks
• Technical security certifications or advanced academic credentials

• Remote-friendly and flexible work culture
• Market leader in compensation and equity awards
• Comprehensive physical and mental wellness programs
• Competitive vacation and holidays for recharge
• Paid parental and adoption leaves
• Professional development opportunities for all employees regardless of level or role
• Employee Resource Groups, geographic neighbourhood groups and volunteer opportunities to build connections
• Vibrant office culture with world class amenities
• Great Place to Work Certified™ across the globe