Sr. Intelligence Analyst - Cloud Intelligence Mission (Remote)

#WeAreCrowdStrike and our mission is to stop breaches. As a global leader in cybersecurity, our team changed the game. Since our inception, our market leading cloud-native platform has offered unparalleled protection against the most sophisticated cyberattacks. We’re looking for people with limitless passion, a relentless focus on innovation and a fanatical commitment to the customer to join us in shaping the future of cybersecurity. Consistently recognized as a top workplace, CrowdStrike is committed to cultivating an inclusive, remote-first culture that offers people the autonomy and flexibility to balance the needs of work and life while taking their career to the next level. Interested in working for a company that sets the standard and leads with integrity? Join us on a mission that matters - one team, one fight. About the Role: CrowdStrike Intelligence, a core component of CrowdStrike, is seeking a motivated Intelligence Analyst with excellent analysis skills for the Global Threat Analysis Cell (GTAC) to identify, research and track trends associated with the cloud threat landscape. This role will be focused on tracking and documenting cloud-related techniques that are observed in the wild and their use by both targeted intrusion and eCrime adversaries in close collaboration with other subject matter experts on the Intelligence team. This position serves an important role in increasing our understanding of trends in the global cloud threat landscape, contributing to the continuous tracking of criminal and state-sponsored adversary groups, and ultimately developing finished intelligence products. The ideal candidate for this position is a specialist in AWS/Azure/GCP log analysis with the ability to track the adversary landscape based on intrusion behavior. We are also open to applications by experienced and talented Analysts without significant knowledge in this field that are willing to rapidly expand their skills to meet the following requirements: What You'll Do: Identify threats, trends, and new developments in the cloud threat landscape by analyzing raw intelligence and data. This may involve querying ElasticSearch or analyzing raw cloud logs like CloudTrail Identify and monitor the Tactics, Techniques, and Procedures (TTPs) employed by cyber threat actors that compromise cloud environments Apply understood analytic tradecraft to gathered intelligence in a consistent manner Provide and assist with finished intelligence analysis to internal and external customers through written reporting of varied depth on short deadlines, with minimal supervision Collaborate across teams to inform various functions within CrowdStrike Intelligence about activity of interest and to coordinate adversary/campaign tracking Identify intelligence gaps and submit requests for information to fill gaps Conduct briefings as needed for a variety of levels of customers as requested (via either phone, video conference, webcast, in-person briefing, or industry conference) What You'll Need: Minimum of 2-3 years’ experience in a threat intelligence environment Motivated self-starter with experience in the cyber threat intelligence field, preferably with experience in researching and reporting on cloud incidents in AWS, Azure, and GCP as well as adversary behavior Experience analyzing API logs (e.g. CloudTrail) from at least one of the three major cloud service providers: AWS, Azure, or GCP Basic understanding of identity and access management (IAM) concepts in the cloud Ability to identify and track adversary tradecraft trends Ability to produce quality finished intelligence products on short deadlines, as well as continuing to maintain analysis for and report on long term strategic assessments Basic knowledge of how malware is developed, functions, and is employed Desire to extend knowledge on intelligence tradecraft and technical terminology relevant to cloud intelligence, as well as provide assistance to other members of the intelligence team Undergraduate degree, military training or relevant experience in cyber intelligence, computer science, general intelligence studies, security studies, political science, international relations, etc. Other technical security certifications or academic background are a plus. #LI-AO1 Benefits of Working at CrowdStrike: Remote-first culture Market leader in compensation and equity awards Competitive vacation and flexible working arrangements Comprehensive and inclusive health benefits Physical and mental wellness programs Paid parental leave, including adoption A variety of professional development and mentorship opportunities Offices with stocked kitchens when you need to fuel innovation and collaboration We are committed to fostering a culture of belonging where everyone feels seen, heard, valued for who they are and empowered to succeed. Our approach to cultivating a diverse, equitable, and inclusive culture is rooted in listening, learning and collective action. By embracing the diversity of our people, we achieve our best work and fuel innovation - generating the best possible outcomes for our customers and the communities they serve. CrowdStrike is committed to maintaining an environment of Equal Opportunity and Affirmative Action. If you need reasonable accommodation to access the information provided on this website, please contact Recruiting@crowdstrike.com, for further assistance. CrowdStrike, Inc. is committed to fair and equitable compensation practices. The salary range for this position in the U.S. is $80,000 - $115,000 per year + bonus + equity + benefits. A candidate’s salary is determined by various factors including, but not limited to, relevant work experience, skills, certifications and location. CrowdStrike participates in the E-Verify program. Notice of E-Verify Participation Right to Work CrowdStrike was founded in 2011 to fix a fundamental problem: The sophisticated attacks that were forcing the world’s leading businesses into the headlines could not be solved with existing malware-based defenses. Founder George Kurtz realized that a brand new approach was needed — one that combines the most advanced endpoint protection with expert intelligence to pinpoint the adversaries perpetrating the attacks, not just the malware. There’s much more to the story of how Falcon has redefined endpoint protection but there’s only one thing to remember about CrowdStrike: We stop breaches.