Threat Analyst

CrowdStrike

full-time

Posted on: 9/28/2025

Location Type: Remote

Location: Remote • 🇷🇴 Romania

Visit company website

✨ AI Apply

Apply

Job Level

Mid-LevelSenior

Tech Stack

LinuxSDLC

About the role

Monitor and analyze the extensive array of detections and preventions deployed by various internal teams within CrowdStrike
Respond to customer inquiries regarding threat detections and capabilities
Proactively manage false positives and enhance overall efficacy of content
Collaborate closely with Technical Account Managers, Support engineers, Falcon Complete, Data Science, and content engineering teams
Provide assistance in creation of new detections, improvements to existing models, and assessment of detection gaps
Document and offer expert-level information to diverse stakeholders regarding content detections within CrowdStrike Falcon
Support customers and teams in enhancing or suppressing detection alerts
Develop new detection content based on adversarial or testing activity observed in logs
Translate analysis findings into impactful detection capabilities for Falcon Sensor

Requirements

Comprehensive understanding of common adversary tactics and techniques
Demonstrated ability to analyze complex situations and articulate information clearly to diverse stakeholders
Profound understanding of and ability to interpret logs generated by systems, networks, and applications
Proven experience in identifying and isolating unique patterns within process behavior or logs (e.g., RegEx, correlation rules, YARA)
Prior experience with EDR products and endpoint security monitoring
Expertise in and understanding of Windows, Linux, and MacOSX operating systems
Capacity to contribute both independently and collaboratively within a team environment
Possess an inquisitive nature and the ability to conduct thorough research using historical data
Keen eye for documenting pertinent details and facilitating focused discussions
Eagerness to acquire new knowledge and skills
BA/BS or MA/MS degree or equivalent experience in Computer Science, Information Security, or a related field
Bonus: Experience in a security operations center or similar environment responding to incidents
Bonus: Demonstrated ability to automate repetitive tasks to enhance overall work efficiency
Bonus: In-depth experience with penetration testing (red team) methodologies and tools
Bonus: Forensic experience
Bonus: Proficiency in utilizing Jira
Bonus: Working knowledge of programming/scripting languages, dynamic malware analysis and sandboxing, and/or penetration testing tools and techniques
Bonus: Good understanding of the application development life cycle (SDLC)

Benefits

Remote-friendly and flexible work culture
Market leader in compensation and equity awards
Comprehensive physical and mental wellness programs
Competitive vacation and holidays for recharge
Paid parental and adoption leaves
Professional development opportunities for all employees regardless of level or role
Employee Networks, geographic neighborhood groups, and volunteer opportunities
Vibrant office culture with world class amenities
Great Place to Work Certified™ across the globe

ATS Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills

adversary tacticslog analysisRegExcorrelation rulesYARAEDR productsendpoint security monitoringWindowsLinuxMacOSX

Soft skills

analyzing complex situationsarticulating informationindependent contributioncollaborative teamworkinquisitive naturethorough researchdocumenting detailsfacilitating discussionseagerness to learn