Sr. Security Engineer - Access & Cryptography (Remote)
Location
Remote
Level
Senior
Department
Engineering
Type
Full - Time
Salary
Job Description
Posted on:
September 1, 2023
Help us protect CrowdStrike and its customers from the most advanced threats by assessing, monitoring, and implementing improvements to our cryptographic and access standards.
CrowdStrike’s Product Security team breaks the mold of traditional internal security and focuses on active threats to CrowdStrike’s products. You will be responsible for improving the access and cryptographic management operations, detecting & remediating misconfigurations, partnering closely with our development teams to remediate security vulnerabilities and influence improvements on our product implementation.
Responsibilities
- Perform analysis and administration of access and cryptographic configurations.
- Develop automation around access administration and cryptographic materials and configuration management and monitoring process.
- Engineer and tune the security solutions including but not limited to enrollments, monitoring, alerting and maintaining defined security posture
- Asses current threat landscape and business needs to prioritize workload effectively
- Examine systems and applications to understand current security posture
- Advocate for best-security practices to engineering organization
Job Requirements
- Applicable experience in a security role implementing and supporting security systems and infrastructure.
- Experience working with Linux and/or other Unix-like variants
- Experience building REST APIs.
- Experience with indexing and search query strategies in Splunk, ES, and SQL based databases.
- Experience with large-scale, business-critical environments.
- Experience operating within a hybrid multi cloud environment.
- Scripting capabilities in bash, Python, Go, Ruby, or some other automation systems.
- Protocol knowledge of TCP/IP, HTTP, and applied Cryptography.
- Experience with cryptographic implementations on both server and client side libraries, including certificates, cryptographic cipher suites, communication protocols, and at rest encryption.
- Experience with IAM standards and practices, including hands on experience managing IAM standards, and operational experience with administration of those standards, IE: Role Based Access, Group Administration, Permission Entitlement configurations, Identity Lifecycle processes.
- Working knowledge of Access protocols such as LDAP, Kerberos, JWT, various other management, authentication, and authorization systems and protocols.
Bonus Points:
- 6+ years of combined experience with IAM principles and cryptographic implementations.
- 6+ years experience supporting business critical operational systems.
- 4+ years of knowledge of cloud platforms and highly concurrent systems
