Product Security Engineer, Software Assurance

About the Role:

Help us protect CrowdStrike and its customers from the most advanced threats by securing our software supply chain. CrowdStrike’s Product Security team breaks the mold of traditional internal security, and focuses on active threats to CrowdStrike’s products. As a Security Engineer you will perform security assessments of third party software, assist with supply chain vulnerability management, and assist teams migrating technology and processes to more secured options. Additionally, you may be responsible for running projects to further harden internal systems and processes against active and emerging threats.

What You’ll Do:

• Assess risk and provide security guidance on software implementations to engineers across the company

• Threat hunt in build and signing pipelines to improve security

• Create and monitor alerts related to supply chain security

• Advocate for best-security practices to the entire engineering organization

• Respond to emerging threats

What You’ll Need:

• Experience working in engineering role implementing, and supporting security systems

• Experience working with and securing configurations of Linux and/or other Unix-like variants

• Strong experience in one or more common scripting languages, such as shell, Python, Golang, javascript, etc

• Working knowledge of secure coding practices, reviews, and system hardening

• Understanding of software build pipeline applications, systems, and processes

• Experience with common monitoring or log aggregation tools such as Splunk, DataDog, Prometheus, etc.

Preferred:

• Experience working in and secure configurations of large-scale cloud platforms with highly concurrent, highly available systems

• Self-motivated to identify security problems and engage with teams to find solutions

• Efficient communicator with strong writing skills, experience working remotely

• Experience working at extremely large scale

• Relevant experience in the area of code reachability

• Static Code Analysis experience

Education/Certifications:

Technical security certifications or academic background are a plus.