Sr. Engineer - Cloud Posture Detection (Hybrid) at CrowdStrike

**Who this is for** A security-focused engineer who is passionate about researching cloud threats and translating security research into scalable, code-based de

Work type: hybrid

Location: USA - New York, NY

Salary: $140,000 – $215,000/yr

Type: Full-time

Summary

**Who this is for** A security-focused engineer who is passionate about researching cloud threats and translating security research into scalable, code-based detection rules. **Key highlights** You will join the Falcon Cloud Security team to build and maintain detection content, focusing on identifying misconfigurations and compliance gaps across AWS, Azure, and GCP environments. **You might be a good fit if you...** - Have professional experience in cloud security operations, incident response, or risk management. - Are proficient in using data analytics tools like Elastic Search or Splunk to extract insights from large datasets. - Possess practical knowledge of major Cloud Service Providers (AWS, Azure, or GCP). - Understand industry security frameworks such as NIST, CIS, or PCI.

Job Description

As a global leader in cybersecurity, CrowdStrike protects the people, processes and technologies that drive modern organizations. Since 2011, our mission hasn’t changed — we’re here to stop breaches, and we’ve redefined modern security with the world’s most advanced AI-native platform. Our customers span all industries, and they count on CrowdStrike to keep their businesses running, their communities safe and their lives moving forward. We’re also a mission-driven company. We cultivate a culture that gives every CrowdStriker both the flexibility and autonomy to own their careers. We’re always looking to add talented CrowdStrikers to the team who have limitless passion, a relentless focus on innovation and a fanatical commitment to our customers, our community and each other. Ready to join a mission that matters? The future of cybersecurity starts with you.

About the Role:

The Falcon Cloud Security (FCS) Detection Engineering team enables CrowdStrike’s primary mission of Stopping the Breach, through a shift-left approach that focuses on helping customers of cloud computing manage their risk posture. We do this by writing and maintaining detection rules that assess cloud assets to identify risks and opportunities for improvement. Our team specializes in cloud security posture management (CSPM), analyzing cloud environment configurations and settings across AWS, Azure, and GCP to identify misconfigurations, compliance gaps, and security weaknesses. We start by using research to define best practices for cloud security, which we translate into detection rules we author and deploy as code into the FCS product ecosystem. In addition to posture management, the Detection Engineering team researches threats to cloud services & assets, and writes detection rules to identify abuses and attacks.

What You'll Do:

This role combines a blend of skill sets including security operations & incident response, data analytics, risk management, software development, and threat research. You'll work extensively with cloud posture data—analyzing configurations like multi-factor authentication settings, access controls, encryption policies, and other security posture indicators to create detection content. If you enjoy researching cloud security issues and developing detection content as code, all in a fast-paced environment with broad collaboration across a team, this role is for you.

As a member of the Falcon Cloud Security Detection Engineering team, you will be responsible for performing research into cloud threats, vulnerabilities, and abuses, to determine configuration best practices that can be used to secure cloud services and assets. You will also be responsible for developing and deploying detection rules as code into the FCS product ecosystem along with writing descriptions that customers will use to understand and action alerts generated by these rules.

Location: New York City (Hybrid)

Candidate should be comfortable visiting the office twice a week once the development center is established.What You’ll Need:

United States Citizenship OR Permanent Residency is necessary to retain access to resources for this role (NO Clearance necessary)

Professional experience in cloud security-related operations and engineering roles, specifically related to threat detection, incident response, and risk management with a focus on cloud security posture management (CSPM, DSPM, or similar).

Experience with data analytics, including searching large data sets, correlating attributes, interpreting results, extracting insights, and forming data-driven conclusions.

Experience with searching data with analytics tools including Elastic Search, Splunk, or a SIEM.

A working practical knowledge of at least one of the following Cloud Service Providers: AWS, Azure, GCP, OCI.

A practical understanding of industry security standards and control frameworks such as NIST, CISA, CIS, HIPAA, HISTRUST, PCI and others.

Experience developing, deploying, and maintaining code in formalized software development/CICD workflows including the use of BitBucket to manage code deployments.

Familiarity with the Agile methodology for project management.

Strong engineering skills with proficiency in Python, Go, Java, C#, or JavaScript for developing detection content

Ability to author and run Elastic Search queries and interpret results from large data sets.

Proficient in the English language with strong written and verbal communication skills.

A passion for quality and experience optimizing results.

Bonus Points:

Experience writing detection rules with the Open Policy Agent query language, Rego.

Having served in a role focused on Detection Engineering or Cloud Posture/Content Engineering; writing detection rules used by other teams.

Experience with cloud security posture management platforms or tools (CSPM, DSPM, ASPM, or similar)

Formalized training or certification in cloud computing, including administration, development, engineering, or architecture.

#LI-DR1

#LI-Hybrid

This role will require the candidate to periodically undergo and pass additional background and fingerprint check(s) consistent with government customer requirements.

Benefits of Working at CrowdStrike:

Market leader in compensation and equity awards

Comprehensive physical and mental wellness programs

Competitive vacation and holidays for recharge

Paid parental and adoption leaves

Professional development opportunities for all employees regardless of level or role

Employee Networks, geographic neighborhood groups, and volunteer opportunities to build connections

Vibrant office culture with world class amenities

Great Place to Work Certified™ across the globe

CrowdStrike is proud to be an equal opportunity employer. We are committed to fostering a culture of belonging where everyone is valued for who they are and empowered to succeed. We support veterans and individuals with disabilities through our affirmative action program.

View this job on nocollar jobs