Threat Hunting Consultant - SkillBridge (Remote)

This Job Description is for DoD SkillBridge participation and is not eligible for direct hire.

CrowdStrike's DoD SkillBridge / Career Skills Program (CSP) Internship is an approved SkillBridge Program under Dept. of Defense Instruction 1322.29 as enacted by 10 U.S.C. Sec 1143. Eligibility is restricted to members of the U.S. Armed Forces separating honorably with greater than 180 days of continuous Active Duty. SkillBridge/CSP period of eligibility is within th e final 180 days of Active - Duty service, and the SkillBridge/CSP must be completed prior to separation from Active Duty in the U.S. Armed Forces.

CrowdStrike's DoD SkillBridge/CSP Internship is open to members of all services, and all ranks and experience levels. Service members should fully review SkillBridge/CSP Job Description for requirements and qualifications of the individual position.

SkillBridge participants participate in full time training with industry (40 - hour work week) under permissive temporary duty military orders and are not eligible for compensation from CrowdStrike during SkillBridge participation but will continue to receive all military wages and benefits as defined by the Department of Defense.

DoD SkillBridge/CSP is fully compliant with FLSA, DBA, SCA, CSHSSA and all other pertinent Federal and State labor laws. For more employer information regarding DoD SkillBridge/CSP, please visit the Department of Defense DoD SkillBridge website at https:// skillbridge.osd.mil /

About the Role:

CrowdStrike is looking for a highly motivated, self-driven, service member dedicated to protecting organizations against the most advanced adversaries in the world. The candidate would be responsible for hunting for historical and active threats in enterprise environments and providing actionable recommendations to remediate findings.

What You'll Do:

• Analyze logs and system artifacts looking for evidence of adversary activity in enterprise environments.
• Produce high-quality written and verbal reports, presentations, recommendations, and findings to key stakeholders, including technical audiences, management, and legal Counsel.
• Contribute to developing and maturing threat hunting capabilities, including research, methodology, and scripting.

What You'll Need:

Successful candidates will have experience in one or more of the following areas:

• Threat Hunting : An understanding of Windows and Linux forensic artifacts and analysis methodologies, including program execution, persistence, file system, event logging, process analysis, and anomaly detection.
• Analysis : Strong threat analysis skills, including hypothesis-driven analysis, IOC searching, long-tail analysis, correlation, and pivoting on findings, and time-lining threat activity.
• Threat Intelligence : An understanding of targeted attacks, including tradecraft associated with eCrime and nation-state adversaries, and an ability to use intelligence for targeted IOC searching.
• Scripting : An ability to create search queries and write simple scripts in Python or another scripting language.
• Platform Architecture: A practical understanding of Windows and Linux operating systems, including file systems, registry, memory management, kernel and user-mode functions, identity, and process handling.
• Networking : A practical understanding of network protocols and how data is handled at the various layers of the OSI model.
• Identity : A familiarity with fundamental identity concepts, including Active Directory and associated protocols like Kerberos.
• Communication : strong ability to communicate analysis findings to clients, including technical and executive audiences, and legal counsel.

Experience/training in the topics below is beneficial but not essential for consideration:

• Incident Response: Incident response experience, especially with large-scale investigations involving e-Crime and nation-state actors.
• Cloud Platforms : familiarity with one or more of the following cloud platforms: AWS, Azure, and GCP.
• Incident Remediation : strong understanding of targeted attacks and an ability to create customized tactical and strategic remediation plans for compromised organizations.

Education:

BA or BS / MA or MS degree in Computer Science, Computer Engineering, Math, Information Security, Information Assurance, Information Security Management, Intelligence Studies, Cybersecurity, Cybersecurity Policy, or a related field. Applicants without a degree but with relevant work experience and/or training will be considered.

#LI-AC1

#LI-Remote

CrowdStrike is proud to be an equal opportunity employer. We are committed to fostering a culture of belonging where everyone is valued for who they are and empowered to succeed. We support veterans and individuals with disabilities through our affirmative action program.

CrowdStrike is committed to providing equal employment opportunity for all employees and applicants for employment. The Company does not discriminate in employment opportunities or practices on the basis of race, color, creed, ethnicity, religion, sex (including pregnancy or pregnancy-related medical conditions), sexual orientation, gender identity, marital or family status, veteran status, age, national origin, ancestry, physical disability (including HIV and AIDS), mental disability, medical condition, genetic information, membership or activity in a local human rights commission, status with regard to public assistance, or any other characteristic protected by law. We base all employment decisions--including recruitment, selection, training, compensation, benefits, discipline, promotions, transfers, lay-offs, return from lay-off, terminations and social/recreational programs--on valid job requirements.

If you need assistance accessing or reviewing the information on this website or need help submitting an application for employment or requesting an accommodation, please contact us at recruiting@crowdstrike.com for further assistance.

Client-provided location(s): Flexible / Remote

Job ID: CrowdStrike-R26827

Employment Type: FULL_TIME

Posted: 2026-02-07T00:00:51