Broxer
Join
CrowdStrike

Red Team Services Consultant

CrowdStrike

Remote · Full Time

Be the first to apply

Experience
Any
Salary
Openings
1
Posted
2 weeks ago
Work mode
Work from home
Eligibility
Demonstrated capability matters more to us than a specific career path or credential set. We're interested in practitioners who have built real offensive depth and who approach the work with the goal of improving things for our customers. The depth could come from dedicated red team roles, a backgr…
Resume
Required to apply

Job description

About the Role

CrowdStrike is seeking a skilled and pragmatic offensive security professional to join its Red Team in the JAPAC region. This is a hands-on position focused on identifying vulnerabilities and helping organizations enhance their defensive capabilities. The Red Team conducts a wide range of offensive security operations, from targeted penetration tests to complex adversary emulation exercises. The primary goal is to identify critical security gaps, provide clear explanations, and facilitate their remediation, ultimately strengthening the client's security posture. Success in this role requires deep technical expertise and the ability to build client trust through a collaborative approach.

What You'll Do

  • Lead and execute Red Team and penetration testing engagements across various scopes and environments, prioritizing actionable findings for clients.
  • Manage engagements by coordinating with clients, guiding team members, and ensuring stakeholders are consistently informed.
  • Produce comprehensive reports detailing attack paths, identified vulnerabilities, and practical remediation strategies suitable for both technical teams and senior management.
  • Enhance team capabilities through the development of tools, ongoing research, and improvements to methodologies.
  • Collaborate with other CrowdStrike Services teams, including 'Blue' teams, to translate offensive findings into effective defensive measures.
  • Clearly present complex technical information to diverse audiences, including non-technical stakeholders and senior executives.

What You’ll Bring

Offensive Operations

  • Proven experience in conducting Red Team and penetration testing engagements, with the ability to manage assessments from initiation to completion.
  • Advanced proficiency with standard offensive security tools, including command and control frameworks, with a deep understanding of their underlying mechanisms.
  • Strong operational security (OPSEC) practices, including awareness of detection avoidance techniques and the adaptability of Tactics, Techniques, and Procedures (TTPs) to specific target environments.

Active Directory and Enterprise Infrastructure

  • Extensive experience in attacking Active Directory environments, including privilege escalation, lateral movement, persistence techniques, and credential abuse.
  • In-depth knowledge of attack vectors against Windows, Linux, or macOS, with practical familiarity across all three operating systems.

Cloud

  • Experience conducting offensive operations within AWS and Azure environments, focusing on identity and access management, compute, storage, and network attack paths.
  • Understanding of how cloud misconfigurations can be chained together to create exploitable scenarios, beyond isolated findings.

Tool Development and Automation

  • Experience in developing offensive tools or automating assessment tasks, including creating new capabilities or extending existing frameworks.
  • Proficiency in writing code to improve team efficiency and effectiveness.
  • Demonstrated use of AI tools for enhancing work in areas such as code generation, research, automation, and documentation is highly advantageous.

Communication

  • Excellent written and verbal communication skills in English, capable of conveying findings effectively to CISOs and explaining attack paths to engineers.
  • Comfortable presenting to senior leadership and managing client relationships throughout engagements.
  • Ability to navigate diverse communication styles, hierarchical structures, and directness across different markets within the JAPAC region.
  • Proficiency in additional languages such as Mandarin, Japanese, Hindi, or Thai is a plus.

Experience and Background

CrowdStrike values demonstrated capability over specific career paths or credentials. We seek practitioners with deep offensive security expertise who are driven to improve customer security. This depth can be acquired through dedicated red team roles, sysadmin or development backgrounds that evolved into security research, or other relevant experiences. The focus is on the skills' effectiveness and the candidate's approach. Offensive security certifications such as OSCP, OSEP, OSED, OSCE3, GPEN, GXPN, CRTP, CRTO, CRT, and CCT-INF are considered valuable indicators of hands-on capability. General governance and management certifications are not a primary focus for this role.

Bonus Points

  • Active participation in the security community, including conference presentations, CVE disclosures, published research, tool releases, or blogging.
  • Advanced experience in attacking networking components like routers, switches, firewalls, and wireless infrastructure.
  • Experience with hardware, embedded systems, physical security assessments, or Operational Technology (OT)/Industrial Control Systems (ICS) environments.

Why This Role

This role offers the opportunity to act as a trusted partner, thinking like an adversary to enhance client defenses. The emphasis is on collaborative engagements, ensuring findings lead to tangible improvements, and measuring success by the client's enhanced defensibility rather than a 'win' for the red team. The position involves technically challenging engagements with high-profile clients across a diverse range of industries, environments, and security maturity levels, ensuring continuous learning and engagement. There is ample opportunity to develop tooling, contribute to methodologies, and conduct research that benefits the entire team.

Benefits Of Working At CrowdStrike

  • Competitive compensation and equity awards.
  • Comprehensive programs for physical and mental well-being.
  • Generous vacation and holiday time for rest and rejuvenation.
  • Paid parental and adoption leave.
  • Opportunities for professional development for all employees.
  • Employee Networks, neighborhood groups, and volunteer activities to foster connections.
  • A dynamic office culture with excellent amenities.
  • Recognition as a Great Place to Work Certified™ globally.

CrowdStrike is an equal opportunity employer committed to fostering a culture of belonging and empowerment. We support veterans and individuals with disabilities through our affirmative action program. We are dedicated to providing equal employment opportunities to all employees and applicants, prohibiting discrimination based on race, color, creed, ethnicity, religion, sex, sexual orientation, gender identity, marital status, veteran status, age, national origin, ancestry, disability, medical condition, genetic information, or any other characteristic protected by law. Employment decisions are based on valid job requirements.

For assistance with accessibility or submitting an application, please contact recruiting@crowdstrike.com.

Skills

Automation Reporting Client Relationship Management Penetration Testing Red Teaming Vulnerability Assessment Offensive Security Active Directory Exploitation Cloud Security (AWS/Azure) Tool Development OPSEC C2 Frameworks

Leave it if you'd like a reply — we won't use it for anything else.

Click to browse, drag & drop, or paste a screenshot

PNG, JPG, GIF, MP4, WebM, MOV · Max 20MB each · Up to 5 files