Lead Threat Hunter (Remote)
Posted 2025-06-16Job title: Lead Threat Hunter (Remote) in USA at CrowdStrike
Company: CrowdStrike
Job description: As a global leader in cybersecurity, CrowdStrike protects the people, processes and technologies that drive modern organizations. Since 2011, our mission hasn’t changed — we’re here to stop breaches, and we’ve redefined modern security with the world’s most advanced AI-native platform. Our customers span all industries, and they count on CrowdStrike to keep their businesses running, their communities safe and their lives moving forward. We’re also a mission-driven company. We cultivate a culture that gives every CrowdStriker both the flexibility and autonomy to own their careers. We’re always looking to add talented CrowdStrikers to the team who have limitless passion, a relentless focus on innovation and a fanatical commitment to our customers, our community and each other. Ready to join a mission that matters? The future of cybersecurity starts with you.About this Role:
As a Lead Threat Hunter you will be a key member of our Security Operations team, driving the detection, investigation, and response to advanced cyber threats. In this role, you will design and refine detection patterns across various technologies, participate in active threat hunting, and guide the organization's security posture with your insights and expertise. Your ability to operate across a wide array of data sources, maintain rigorous confidentiality, and provide hands-on incident response will be critical to safeguarding CrowdStrike's assets and reputation.What You’ll Do:Leadership & Program Management:Lead and define organizational threat hunting strategyGuide and mentor junior threat huntersProvide technical leadership and expertise to the Incident Response teamDesign and implement structured hunting frameworksPrioritize hunting operations based on threat intelligence and riskMeasure and report on program effectivenessChampion agile project management fundamentals for hunting initiativesThreat Detection & Analysis:Develop detection patterns across different technologies and log sourcesTriage detections to identify and remediate threats, including containment and live responseExecute structured threat hunting missions using hypothesis-driven approachesCreate and implement custom hunting queries and detection logicLeverage structured analytic techniques and MITRE ATT&CK framework to track adversarial behaviorIncident Response & Escalation:Participate in incident response activities, providing technical expertiseOffer on-demand after-hours support for critical security incidentsCollaborate with cross-functional teams on threat mitigationTransform hunt findings into actionable incident response proceduresDevelop threat hunting use cases based on incident response findingsSecurity Data Management & Reporting:Identify coverage gaps and optimize security data and toolingPrepare and present hunting metrics to technical and executive stakeholdersUtilize OSINT and closed intelligence sources for threat analysisMaintain comprehensive hunt documentation and knowledge baseDevelop and maintain hunting dashboards for program visibilityTooling & Integration:Engineer and tune security detections for SOAR, SIEM, and TIPDevelop and maintain custom hunting tools and scriptsIntegrate hunting capabilities into existing security stackAutomate routine hunting tasks and data collectionCross-functional Collaboration:Partner with key stakeholders (Networking, Infrastructure, DevOps)Coordinate threat management approaches across security teamsPresent findings and recommendations to various audience levelsDrive continuous improvement through knowledge sharing and innovationWhat You'll Need:Education & Experience:Bachelor's degree (or equivalent experience) in a computer-related field8+ years of progressive experience in Information Security, Threat Hunting, or related rolesUS Citizenship required due to direct work on GovCloudTechnical Expertise:Proven understanding of the MITRE ATT&CK framework, Diamond Model, and Cyber KillChainExperience analyzing raw data from security controls (web proxy, firewalls, IPS, IDS, antivirus)Proficiency with SIEM, SOAR, TIP integrations, and link analysis toolsStrong IT background (networking fundamentals, systems) and expertise with OSX, Linux, and WindowsSignificant experience with system/application log analysis and security data correlationAnalytical & Communication Skills:Effective communication skills in English (verbal and written)Excellent investigative, analytical, and problem-solving abilitiesAbility to maintain strict confidentiality and operate independently in high-pressure situationsPreferred Skills & Attributes:Scripting knowledge (e.g., Python, Perl, Bash, PowerShell)Familiarity with Splunk or other advanced SIEM platformsExperience with host and network forensicsBackground in malware analysisFamiliarity with agile project management and compliance frameworksTechnical security certifications or advanced academic credentials#LI-RC1#LI-KM1
#LI-Remote This role will require the candidate to periodically undergo and pass additional background and fingerprint check(s) consistent with government customer requirements.Benefits of Working at CrowdStrike:Remote-friendly and flexible work cultureMarket leader in compensation and equity awardsComprehensive physical and mental wellness programsCompetitive vacation and holidays for rechargePaid parental and adoption leavesProfessional development opportunities for all employees regardless of level or roleEmployee Resource Groups, geographic neighbourhood groups and volunteer opportunities to build connectionsVibrant office culture with world class amenitiesGreat Place to Work Certified™ across the globeCrowdStrike is proud to be an equal opportunity employer. We are committed to fostering a culture of belonging where everyone is valued for who they are and empowered to succeed. We support veterans and individuals with disabilities through our affirmative action program.CrowdStrike is committed to providing equal employment opportunity for all employees and applicants for employment. The Company does not discriminate in employment opportunities or practices on the basis of race, color, creed, ethnicity, religion, sex (including pregnancy or pregnancy-related medical conditions), sexual orientation, gender identity, marital or family status, veteran status, age, national origin, ancestry, physical disability (including HIV and AIDS), mental disability, medical condition, genetic information, membership or activity in a local human rights commission, status with regard to public assistance, or any other characteristic protected by law. We base all employment decisions--including recruitment, selection, training, compensation, benefits, discipline, promotions, transfers, lay-offs, return from lay-off, terminations and social/recreational programs--on valid job requirements.If you need assistance accessing or reviewing the information on this website or need help submitting an application for employment or requesting an accommodation, please contact us at for further assistance.CrowdStrike participates in the E-Verify program.CrowdStrike, Inc. is committed to equal pay for equal work in its compensation practices. The base salary range for this position in the U.S. is $110,000 - $190,000 per year + variable/incentive compensation + equity + benefits. A candidate's salary is determined by various factors including, but not limited to, relevant work experience, skills, certifications, job level, supervisory status, and location.Expected Close Date of Job Posting is:07-23-2025
Expected salary: $110000 per year
Location: USA
Apply for the job now!
[ad_2]
Apply for this job