Sr. Product Security Engineer, Software Assurance

About the Role:

Help us protect CrowdStrike and its customers from the most advanced threats by securing our software supply chain. CrowdStrike’s Product Security team breaks the mold of traditional internal security, and focuses on active threats to CrowdStrike’s products. As a Senior Security Engineer you will perform technical security assessments of current and new pipelines, monitor for emerging vulnerabilities and anomalous system behaviors, create tooling for known gaps, and deploy large-scale security/monitoring systems. Additionally, you will be responsible for management of cross-cutting projects to further harden internal systems and processes against active and emerging threats.

What You’ll Do:

• Assess risk and provide security guidance on systems and software implementations to engineers across the company

• Design and implement tools and processes to secure and monitor software build pipelines, including signing

• Investigate systems and applications to understand and improve security

• Advocate for best-security practices to the entire engineering organization

• Respond to emerging threats

• Manage end-to-end delivery of large-scale, cross-cutting security initiatives to harden CrowdStrike software supply chain systems and processes

What You’ll Need:

• Experience working in engineering role designing, implementing, and supporting security systems

• Experience working with and securing configurations of Linux and/or other Unix-like variants

• Strong experience in one or more common scripting languages, such as shell, Python, Golang, javascript, etc

• Working knowledge of networking, secure coding practices and reviews, and system hardening

• Understanding of software build pipeline applications, systems, and processes

• Experience leading large, cross-team projects and initiatives

• Familiarity with TLS best practices, ciphers, software signing operations, and public/private key infrastructure implementations and security

• Experience with common monitoring or log aggregation tools such as Splunk, DataDog, Prometheus, etc.

Preferred:

• Experience working in and secure configurations of large-scale cloud platforms with highly concurrent, highly available systems

• Self-motivated to identify security problems and engage with teams to find solutions

• Efficient communicator with strong writing skills, experience working remotely

• Experience scripting groovy pipelines and using REST APIs

• Experience working at extremely large scale

• Comfortable with ambiguity and determining direction

Education/Certifications:

Technical security certifications or academic background are a plus.

CrowdStrike, Inc. is committed to fair and equitable compensation practices. The base salary range for this position in the U.S. is $160,000 - $235,000 per year + variable/incentive compensation + equity + benefits. A candidate’s salary is determined by various factors including, but not limited to, relevant work experience, skills, certifications and location.