Senior Intelligence Analyst, GTAC Vulnerability Mission

This is a fully remote position, open to applicants in Germany.

📋 Description

• Recognize threats, trends, and emerging developments in vulnerabilities and exploit behavior by adversaries while synthesizing raw intelligence and data from multiple sources.

• Track and analyze the Tactics, Techniques, and Procedures (TTPs) utilized by cyber threat actors who employ exploits.

• Analyze, model, and structure data relationships to aid in identifying and detailing malicious activities.

• Consistently apply understood analytic tradecraft to the gathered intelligence.

• Generate comprehensive intelligence analyses for both internal and external clients through written reports of varying depth under tight deadlines, with minimal oversight.

• Collaborate with various teams to keep CrowdStrike informed about activities of interest and to coordinate adversary/campaign tracking.

• Create tools, processes, and technologies to enable predictive analysis of adversaries and their tactics based on vulnerabilities and exploits.

• Identify intelligence gaps and submit information requests to address these gaps.

• Conduct briefings as necessary for a diverse range of clients as requested (via phone, video conference, webcast, in-person meeting, or industry conference).

⛳️ Requirements

• A minimum of 2-3 years of experience in a threat intelligence environment.

• A motivated self-starter with experience in the cyber threat intelligence sector, ideally with a background in researching and reporting on exploits and adversary behavior.

• Capability to produce high-quality finished intelligence products under tight deadlines while maintaining long-term strategic assessments.

• Familiarity with analytic tradecraft, including the creation of intelligence assessments.

• Basic understanding of how vulnerabilities are discovered and exploits are developed (e.g., knowledge of common remote network exploitation and/or local privilege escalation techniques).

• Proficiency in identifying and tracking adversary tradecraft and trends across various actor types.

• Experience with technical indicators from malware, logs, and/or PCAP by utilizing resources for infrastructure analysis, samples, and link analysis.

• Familiarity or willingness to learn basic signature writing (e.g., YARA, Snort, Zeek, etc.).

• Knowledge of operating system fundamentals (e.g., Windows, Linux, macOS) and networking concepts.

• A desire to enhance knowledge of intelligence tradecraft and technical terminology relevant to vulnerability intelligence, while also providing support to other intelligence team members.

• Previous experience as an All-Source intelligence analyst at a national intelligence organization (preferred).

• General knowledge of network and host log analysis with foundational understanding of Incident Response (IR) processes and procedures (preferred).

• Familiarity with EDR and SIEM solutions (preferred).

• Experience with using, developing, deploying, and managing honeypots (preferred).

🏝️ Benefits

• Competitive compensation and equity awards at a market-leading level.

• Comprehensive wellness programs addressing both physical and mental health.

• Generous vacation and holiday policies for recharging.

• Paid parental and adoption leave.

• Professional development opportunities available for all employees, regardless of their level or role.

• Employee Networks, neighborhood groups, and volunteer opportunities to foster connections.

• A vibrant office culture equipped with world-class amenities.

• Certified as a Great Place to Work™ globally.