About the Role:
Ensure that our platform and products are designed and implemented to the highest security standards
CrowdStrike is looking for an experienced manager for our application security team. This critical role in the organization will be responsible for leading and growing the application security team supporting our Falcon platform.
You and your team will be responsible for performing security assessments, security testing before release, create security training for developers, raise developer awareness of security best practices, and partner closely with our development teams to produce secure solutions. You will work cross functionally with your peers in the engineering organization as well as leaders in other business units. We are a remote first company so you must bring your excellent verbal and written communication skills to bear when you are working with your engineering teams and cross functional teams across the globe.
Essential Duties and Responsibilities
- Hire and develop a team of global application security engineers supporting a global engineering team
- Create robust processes and perform hands-on high impact threat models for our major engineering efforts
- Integrate tightly with our product SDLC performing integrated static code analysis, secure code reviews and security testing
- Help create security trainings for our developers to raise security awareness
- Establish secure testing frameworks to test and validate security controls
- Publish security standards and best practices for engineering teams
- Form strong relationships with engineering teams and provide security consultation on complex issues
- Measure the impact of application security practices on overall security posture of our products and platform
- 5+ years of hands-on experience within a security team with in-depth understanding of application security assessment methodologies such threat modeling, secure design reviews, secure code review, and security testing
- 2+ years of hands-on management experience leading engineering teams
- Hands-on knowledge of risk analysis and vulnerability scoring
- Experience performing static and dynamic code analysis
- Scripting capabilities with Python, Perl, Ruby, or some other automation system
- Protocol knowledge of TCP/IP, HTTP, applied Cryptography, others
- Experience with managing hundreds of security assessments a year across multiple product lines
- Solid grounding in the technology of at least one cloud environment (AWS, Azure, GCP)
- Experience supporting fast-paced, forward looking, SaaS provider
- Experience supporting operational systems and CI platforms
- Knowledge of IaaS cloud platforms and highly concurrent systems
- You're a clear thinker and efficient communicator
- Technical security certifications or academic background a plus.
Benefits of Working at CrowdStrike:
- Market leader in compensation and equity awards
- Competitive vacation policy
- Comprehensive health benefits + 401k plan
- Paid parental leave, including adoption
- Flexible work environment
- Wellness programs
- Stocked fridges, coffee, soda, and lots of treats
CrowdStrike is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex including sexual orientation and gender identity, national origin, disability, protected veteran status, or any other characteristic protected by applicable federal, state, or local law.
CrowdStrike participates in the E-Verify program.
Notice of E-Verify Participation
Right to Work