Product Security Engineer, Software Assurance
About the Role:
Help us protect CrowdStrike and its customers from the most advanced threats by securing our software supply chain. CrowdStrike’s Product Security team breaks the mold of traditional internal security, and focuses on active threats to CrowdStrike’s products. As a Security Engineer you will perform security assessments of third party software, assist with supply chain vulnerability management, and assist teams migrating technology and processes to more secured options. Additionally, you may be responsible for running projects to further harden internal systems and processes against active and emerging threats.
What You’ll Do:
Assess risk and provide security guidance on software implementations to engineers across the company
Threat hunt in build and signing pipelines to improve security
Create and monitor alerts related to supply chain security
Advocate for best-security practices to the entire engineering organization
Respond to emerging threats
What You’ll Need:
Experience working in engineering role implementing, and supporting security systems
Experience working with and securing configurations of Linux and/or other Unix-like variants
Strong experience in one or more common scripting languages, such as shell, Python, Golang, javascript, etc
Working knowledge of secure coding practices, reviews, and system hardening
Understanding of software build pipeline applications, systems, and processes
Experience with common monitoring or log aggregation tools such as Splunk, DataDog, Prometheus, etc.
Preferred:
Experience working in and secure configurations of large-scale cloud platforms with highly concurrent, highly available systems
Self-motivated to identify security problems and engage with teams to find solutions
Efficient communicator with strong writing skills, experience working remotely
Experience working at extremely large scale
Relevant experience in the area of code reachability
Static Code Analysis experience
Education/Certifications:
Technical security certifications or academic background are a plus.