Platform Security Engineer (Remote)

Join to apply for the Platform Security Engineer (Remote) role at CrowdStrike.

As a global leader in cybersecurity, CrowdStrike protects the people, processes, and technologies that drive modern organizations. Since 2011, our mission has been to stop breaches with our advanced AI-native platform. We support a diverse range of industries and foster a culture of flexibility, autonomy, and innovation. If you're passionate about cybersecurity and want to make a difference, consider joining us.

As a Platform Security Operations Engineer, you’ll support incident response and threat hunting teams by building, maintaining, and optimizing infrastructure and tooling for threat detection, investigation, and response. Your role involves automating security workflows, ensuring platform reliability, and enhancing detection and response capabilities.

• Implement automated threat intelligence platforms and integrations
• Design and maintain threat hunting infrastructure and tools
• Automate incident response workflows and playbooks
• Develop and maintain infrastructure for detection engineering workflows
• Create automated testing environments for detection rules
• Build CI/CD pipelines for detection deployment
• Implement automated validation of detection quality
• Support threat hunting infrastructure needs
• Maintain emergency response platforms and tools
• Implement automated containment and response capabilities
• Automate routine security operations tasks
• Develop custom integrations between security tools
• Create self-service security tooling for IR teams
• Build automated reporting and metrics collection

• Bachelor’s degree or equivalent in a computer-related field
• 8+ years of DevOps/Platform Engineering experience
• US Citizenship due to work on GovCloud

• Proficiency in Python/Go programming
• Knowledge of MITRE ATT&CK Framework
• Experience with incident response and threat hunting methodologies
• Security data analysis skills
• Experience with cloud platforms (AWS, Azure, GCP)
• Log aggregation and processing expertise
• Familiarity with SIEM platforms (Splunk, ELK)
• Infrastructure as Code (Terraform, Ansible)
• Git and CI/CD pipelines
• Containerization (Docker, Kubernetes)

• Scripting knowledge (Python, Perl, Bash, PowerShell)
• Experience with Splunk or other SIEM platforms
• Knowledge of agile project management and compliance frameworks
• Security certifications or advanced degrees
• Experience with SOAR and EDR platforms
• Familiarity with threat intelligence platforms

This role requires periodic background and fingerprint checks in accordance with government customer requirements.