Incident Response Analyst (Remote) position at CrowdStrike.| United States Of America

_{More Than 30 Days Ago} bot

CrowdStrike Incident Response Analyst (Remote)

Experience: General

Pattern: Remote

Country:

Copy Link Report

OND

USA - Remote, ..........United States Of America

As a global leader in cybersecurity, CrowdStrike protects the people, processes and technologies that drive modern organizations. Since 2011, our mission hasn’t changed — we’re here to stop breaches, and we’ve redefined modern security with the world’s most advanced AI-native platform. Our customers span all industries, and they count on CrowdStrike to keep their businesses running, their communities safe and their lives moving forward. We’re also a mission-driven company. We cultivate a culture that gives every CrowdStriker both the flexibility and autonomy to own their careers. We’re always looking to add talented CrowdStrikers to the team who have limitless passion, a relentless focus on innovation and a fanatical commitment to our customers, our community and each other. Ready to join a mission that matters? The future of cybersecurity starts with you. About the Role: CrowdStrike is looking for a highly motivated, self-driven Incident Responder to support the incident-response lifecycle—serving as a core member of IR Operations, a team within CSIRT focused on threat detection and incident response. In this role, you’ll support a high-impact team, and participate in complex initiatives, take ownership of security incidents, and conduct in-depth technical investigations to identify, investigate and and respond to security threats across the organization. You’ll work shoulder-to-shoulder with seasoned incident response investigators to drive continuous process improvement across our world-class security team. Do you find yourself interested in putting your hands-on technical skills to the test in investigating and resolving complex escalated investigations? Are you self-motivated and looking for an opportunity to broaden your expertise through research, operational initiatives, and complex investigations? Are you ready to dive into logs, endpoint telemetry, and threat intelligence to uncover the root cause of an incident? D o you enjoy working around like-minded security professionals in a world class team who you can both learn from and mentor on a daily basis? Are you looking for a role where your contributions to training, research, and process design directly strengthen incident response operations? Do you enjoy collaborating with a high-performing team and explaining technical risk to stakeholders who depend on your insights? What You’ll Do: Take ownership of security incidents detected by CSIRT, identify and recommend improvements to enhance workflows, tools, and response effectiveness. Participate in escalated incidents by gathering and analyzing evidence from logs, endpoint telemetry, and threat-intel sources; perform and adapt investigative or containment actions from playbooks—such as host isolation, phishing email removal —and confirm remediation. Conduct in-depth research on incident response related topics that support team operations and improve investigative capabilities. Maintain clear documentation of investigative steps, evidence, decisions, and project progress to support transparency and knowledge sharing. Identify gaps in detection coverage, workflows, or tooling, and collaborate on new detection logic, playbook refinements, and automation opportunities. Contribute to the creation and maintenance of runbooks, knowledge articles, and other deliverables that strengthen CSIRT’s incident response capabilities. What You’ll Need: Demonstrated experience performing incident response from escalation through resolution, leveraging multiple data sources and coordinating with cross-functional teams. Proficiency with EDR platforms (e.g., Falcon), SIEM/SOAR technologies, and network forensics tools (e.g., Zeek, Suricata, Wireshark) to support deep investigations. Advanced investigative skills, including host- and network-level log analysis, endpoint telemetry review, and use of threat intelligence to determine scope and impact. Strong knowledge of Windows, macOS, and Linux internals, as well as digital forensics techniques for memory, disk, and network artifact analysis. Proven ability to conduct in-depth research on topics that support team operations and improve investigative capabilities, and to translate findings into actionable outcomes. Solid understanding of network protocols (HTTP/S, DNS, SMTP, SMB, Kerberos) and the ability to analyze packet captures. Strong written and verbal communication skills, with the ability to present investigative findings and recommendations to both technical and non-technical stakeholders. Experience conducting cloud-focused incident response in AWS, Azure, or GCP environments. Ability to design and deliver scenario-based training to enhance investigative skills and operational readiness. Bonus Points: Advanced scripting or development experience (Python, PowerShell, Bash, or Perl) to create custom investigative tooling, automate complex data analysis, or integrate new data sources into investigative workflows. Expertise as a SIEM power user, capable of executing advanced, investigation-driven searches, building specialized dashboards, and developing or refining high-fidelity detections. Proven track record of publishing threat research, presenting at security conferences, or contributing to industry-wide knowledge sharing. Education: A bachelor’s or master’s degree in Computer Science, Cybersecurity, Digital Forensics, or a related field is welcome — but not required. Candidates who can demonstrate equivalent, hands-on experience in incident response, threat research, or digital forensics will receive full consideration. Applicable security certifications (e.g., GCFA, GREM, GNFA, GCTI). #LI-Remote #LI-AP1 This role will require the candidate to periodically undergo and pass additional background and fingerprint check(s) consistent with government customer requirements. Benefits of Working at CrowdStrike: Market leader in compensation and equity awards Comprehensive physical and mental wellness programs Competitive vacation and holidays for recharge Paid parental and adoption leaves Professional development opportunities for all employees regardless of level or role Employee Networks, geographic neighborhood groups, and volunteer opportunities to build connections Vibrant office culture with world class amenities Great Place to Work Certified™ across the globe CrowdStrike is proud to be an equal opportunity employer. We are committed to fostering a culture of belonging where everyone is valued for who they are and empowered to succeed. We support veterans and individuals with disabilities through our affirmative action program. CrowdStrike is committed to providing equal employment opportunity for all employees and applicants for employment. The Company does not discriminate in employment opportunities or practices on the basis of race, color, creed, ethnicity, religion, sex (including pregnancy or pregnancy-related medical conditions), sexual orientation, gender identity, marital or family status, veteran status, age, national origin, ancestry, physical disability (including HIV and AIDS), mental disability, medical condition, genetic information, membership or activity in a local human rights commission, status with regard to public assistance, or any other characteristic protected by law. We base all employment decisions--including recruitment, selection, training, compensation, benefits, discipline, promotions, transfers, lay-offs, return from lay-off, terminations and social/recreational programs--on valid job requirements. If you need assistance accessing or reviewing the information on this website or need help submitting an application for employment or requesting an accommodation, please contact us at recruiting@crowdstrike.com for further assistance. Find out more about your rights as an applicant. CrowdStrike participates in the E-Verify program. Notice of E-Verify Participation Right to Work CrowdStrike, Inc. is committed to fair and equitable compensation practices. Placement within the pay range is dependent on a variety of factors including, but not limited to, relevant work experience, skills, certifications, job level, supervisory status, and location. The base salary range for this position for all U.S. candidates is $85,000 - $120,000 per year, with eligibility for bonuses, equity grants and a comprehensive benefits package that includes health insurance, 401k and paid time off. For detailed information about the U.S. benefits package, please click here .

Other Ai Matches

Remote

Corporate Sales Engineer, Turkey (Remote, UAE) Applicants are expected to have a solid experience in handling Turkey (Remote, UAE) related tasks

Regional Sales Engineer Applicants are expected to have a solid experience in handling Job related tasks

Remote

Associate Engagement Lead, IR Partner Services (Remote) Applicants are expected to have a solid experience in handling IR Partner Services (Remote) related tasks

Remote

Sr. Windows Systems & Automation Engineer (Remote) Applicants are expected to have a solid experience in handling Job related tasks

Backend Engineer III - Cloud Applicants are expected to have a solid experience in handling Job related tasks

Remote

Director, Product Marketing - NG-SIEM (Remote) Applicants are expected to have a solid experience in handling Product Marketing - NG-SIEM (Remote) related tasks

Remote

Pangea SE Specialist (Remote) Applicants are expected to have a solid experience in handling Job related tasks

Remote

Regional Alliance Manager (Remote, POL) Applicants are expected to have a solid experience in handling POL) related tasks

Assistant Manager, Deal Desk (5:00 PM to 2:00AM IST) Applicants are expected to have a solid experience in handling Deal Desk (5:00 PM to 2:00AM IST) related tasks

University Recruiting Launch Intern Europe and META (Bucharest, ROU) Applicants are expected to have a solid experience in handling ROU) related tasks

Remote

Regional Sales Manager (Remote, BEL) Applicants are expected to have a solid experience in handling BEL) related tasks

Corporate Account Manager Applicants are expected to have a solid experience in handling Job related tasks

Remote

Sr Data Scientist, Marketing (Remote) Applicants are expected to have a solid experience in handling Marketing (Remote) related tasks

Remote

Privileged Access Management (PAM) Architect (Remote) Applicants are expected to have a solid experience in handling Job related tasks

Remote

Director, Corporate Sales Engineering (Remote) Applicants are expected to have a solid experience in handling Corporate Sales Engineering (Remote) related tasks

Sr. Software Engineer - CharlotteAI (Hybrid) Applicants are expected to have a solid experience in handling Job related tasks

Remote

Implementation Engineer - Evergreen (Remote, BRA) Applicants are expected to have a solid experience in handling BRA) related tasks

Sr. Software Engineer - Browser Extension, Data Protection (Hybrid, ISR) Applicants are expected to have a solid experience in handling Data Protection (Hybrid, ISR) related tasks

Digital Growth Marketing, Senior Specialist Applicants are expected to have a solid experience in handling Senior Specialist related tasks

Remote

Regional Sales Manager (Remote, KOR) Applicants are expected to have a solid experience in handling KOR) related tasks

Remote

Strategic Advisory Services Consultant (Remote) Applicants are expected to have a solid experience in handling Job related tasks

Remote

Regional Sales Manager, New Accounts Public (Remote, FRA) Applicants are expected to have a solid experience in handling New Accounts Public (Remote, FRA) related tasks

Remote

Manager, Sales Engineering NG Identity (Remote, West Coast) Applicants are expected to have a solid experience in handling Sales Engineering NG Identity (Remote, West Coast) related tasks

Incident Response Analyst (Remote) job opportunity at CrowdStrike.

Saved Jobs

No Job Saved

Other Ai Matches