CrowdStrike Logo

CrowdStrike

Penetration Test Engineer (Remote)

Posted 12 Hours Ago
Be an Early Applicant
Remote
Hybrid
Hiring Remotely in USA
Junior
Remote
Hybrid
Hiring Remotely in USA
Junior
The Penetration Test Engineer will perform penetration testing across various systems and applications, manage testing findings, and work collaboratively with different business units. The role requires expertise in web application security, network protocols, and strong communication skills to advocate for security best practices.
The summary above was generated by AI

As a global leader in cybersecurity, CrowdStrike protects the people, processes and technologies that drive modern organizations. Since 2011, our mission hasn’t changed — we’re here to stop breaches, and we’ve redefined modern security with the world’s most advanced AI-native platform. Our customers span all industries, and they count on CrowdStrike to keep their businesses running, their communities safe and their lives moving forward. We’re also a mission-driven company. We cultivate a culture that gives every CrowdStriker both the flexibility and autonomy to own their careers. We’re always looking to add talented CrowdStrikers to the team who have limitless passion, a relentless focus on innovation and a fanatical commitment to our customers, our community and each other. Ready to join a mission that matters? The future of cybersecurity starts with you.

About the Role:

Good at breaking things? This job is for you! This position is responsible for developmental and operational penetration testing for our product and all our online properties.

This position requires someone with expertise in manual and automated web application penetration testing with the knowledge needed to breach security defenses. The ideal candidate will have at least two years of experience performing penetration tests using a mix of commercially available, open source, and personally built tools. A solid understanding of network protocols, server and web application weaknesses is also needed. The successful candidate will also have good communication skills and will provide a high level of security expertise to the company while working in a complex distributed environment.

What You'll Do:

  • Perform comprehensive penetration testing assessments across the organization.

  • Manage the entire lifecycle of penetration testing findings from discovery, triage, advising, remediation, and validation.

  • Work with various different business units to perform penetration testing assessments on systems or applications before go live rollouts.

  • Examine systems and applications to assess the current security posture.

  • Manage penetration testing related tickets to ensure issues are remediated within proper timelines.

  • Advocate for security best practices across the organization.

What You'll Need:

  • Advanced knowledge of server and client operating systems.

  • Extensive computer skills and an understanding of networking, cryptography, web applications, databases, and wireless technologies.

  • Ability to prioritize impactful findings and drive these items to remediation.

  • Experience working with Mac, Windows, Linux and/or other Unix-like variants.

  • Extensive understanding of TCP, UDP, HTTP, IP and other network protocols.

  • A detailed understanding of how to triage vulnerabilities using CVSS calculators and the ability to validate security related findings.

  • Possess the ability to work independently.

  • Proactive go-getter attitude to solve challenging problems.

  • Stays up to date with current vulnerabilities and vulnerability related news in various industries.

  • Ability to automate and script tasks using your preferred language (e.g. GoLang, Python, Ruby, Perl, BASH).

  • The ability to work remotely with teammates across the organization and maintain healthy working relationships.

Bonus Points:

  • Familiarity with the OWASP Top 10 list

  • Experience working with cloud technologies (AWS, GCP, Azure, Kubernetes or docker), infrastructure as code tools (e.g., Terraform, Ansible), and/or container technologies

  • Familiarity with common threat actor tools, techniques, and procedures (TTPs), attack kill chains, and security control evasion.

  • Experience executing effective email phishing campaigns with custom domains, website hosting, payload delivery, credential harvesting, and additional components in this area.

  • Ability to utilize and write scripts against common web APIs (REST, SOAP).

  • Knowledge of cloud platforms and highly concurrent systems.

  • Knowledge of build pipelines and CI tools.

  • You’re a clear thinker and efficient communicator (i.e. written and verbal).

  • Ability to create elegant looking slide decks.

  • Technical security certifications or academic background are a plus.

  • CVEs or bug bounty rewards.

  • Documented CTF write-ups or victories.

  • Hacker or professional group affiliations.

#LI-AC1

#LI-Remote

Benefits of Working at CrowdStrike:

  • Remote-friendly and flexible work culture

  • Market leader in compensation and equity awards

  • Comprehensive physical and mental wellness programs 

  • Competitive vacation and holidays for recharge  

  • Paid parental and adoption leaves

  • Professional development opportunities for all employees regardless of level or role

  • Employee Resource Groups, geographic neighbourhood groups and volunteer opportunities to build connections

  • Vibrant office culture with world class amenities

  • Great Place to Work Certified™ across the globe

CrowdStrike is proud to be an equal opportunity employer. We are committed to fostering a culture of belonging where everyone is valued for who they are and empowered to succeed. We support veterans and individuals with disabilities through our affirmative action program.

CrowdStrike is committed to providing equal employment opportunity for all employees and applicants for employment. The Company does not discriminate in employment opportunities or practices on the basis of race, color, creed, ethnicity, religion, sex (including pregnancy or pregnancy-related medical conditions), sexual orientation, gender identity, marital or family status, veteran status, age, national origin, ancestry, physical disability (including HIV and AIDS), mental disability, medical condition, genetic information, membership or activity in a local human rights commission, status with regard to public assistance, or any other characteristic protected by law. We base all employment decisions--including recruitment, selection, training, compensation, benefits, discipline, promotions, transfers, lay-offs, return from lay-off, terminations and social/recreational programs--on valid job requirements.

If you need assistance accessing or reviewing the information on this website or need help submitting an application for employment or requesting an accommodation, please contact us at [email protected] for further assistance.

Find out more about your rights as an applicant.

CrowdStrike participates in the E-Verify program.

Notice of E-Verify Participation

Right to Work

CrowdStrike, Inc. is committed to equal pay for equal work in its compensation practices. The base salary range for this position in the U.S. is $80,000 - $130,000 per year + variable/incentive compensation + equity + benefits. A candidate's salary is determined by various factors including, but not limited to, relevant work experience, skills, certifications, job level, supervisory status, and location.

Expected Close Date of Job Posting is:05-13-2025

Top Skills

Ansible
AWS
Azure
Bash
Docker
GCP
Go
Kubernetes
Perl
Python
Ruby
Terraform

Similar Jobs at CrowdStrike

12 Hours Ago
Remote
Hybrid
2 Locations
Mid level
Mid level
Cloud • Computer Vision • Information Technology • Sales • Security • Cybersecurity
As an IT Systems Technician, you will provide front-line support to CrowdStrike internal users, troubleshoot hardware and software issues, document solutions, and help manage user access rights, while ensuring compliance with IT policies. This role involves participating in global IT projects and embracing continuous learning in a fast-paced environment.
Top Skills: Active DirectoryCitrixConfluenceDhcpDnsHyper-VJIRALinuxmacOSOffice SuiteOktaServicenowSlackTcp/IpVMwareWindowsZoom
16 Hours Ago
Remote
Hybrid
38 Locations
Mid level
Mid level
Cloud • Computer Vision • Information Technology • Sales • Security • Cybersecurity
As a Threat Analyst, you will analyze malware and detections, respond to customer inquiries regarding threat detections and work with internal teams to improve detection capabilities. The role requires understanding of malware functionality, experience with reverse engineering, and proficiency in programming, particularly in Python.
Top Skills: CC++JavaMachine LearningPython
16 Hours Ago
Remote
Hybrid
2 Locations
Senior level
Senior level
Cloud • Computer Vision • Information Technology • Sales • Security • Cybersecurity
As a Sr. Site Reliability Engineer, you will ensure the reliability and security of systems in GovCloud environments, automate infrastructure provisioning, manage VDI solutions, and lead incident response efforts while collaborating with cross-functional teams.
Top Skills: AWSAzureBashCitrixCloudFormationCyberarkDatadogElkGCPGrafanaOktaPowershellPrometheusPythonSplunkTerraformVMware

What you need to know about the Vancouver Tech Scene

Raincouver, Vancity, The Big Smoke — Vancouver is known by many names, and in recent years, it has gained a reputation as a growing hub for both tech and sustainability. Renowned for its natural beauty, the city has become a magnet for professionals eager to create environmental solutions, and with an emphasis on clean technology, renewable energy and environmental innovation, it's attracted companies across various industries, all working toward a shared goal: advancing clean technology.

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account