Sr. Engineer- Product Abuse (Remote)

As a global leader in cybersecurity, CrowdStrike protects the people, processes and technologies that drive modern organizations. Since 2011, our mission hasn’t changed — we’re here to stop breaches, and we’ve redefined modern security with the world’s most advanced AI-native platform. Our customers span all industries, and they count on CrowdStrike to keep their businesses running, their communities safe and their lives moving forward. We’re also a mission-driven company. We cultivate a culture that gives every CrowdStriker both the flexibility and autonomy to own their careers. We’re always looking to add talented CrowdStrikers to the team who have limitless passion, a relentless focus on innovation and a fanatical commitment to our customers, our community and each other. Ready to join a mission that matters? The future of cybersecurity starts with you.

CrowdStrike's Product Abuse team sits at the intersection of threat intelligence, detection engineering, and platform security — defending the Falcon platform against sophisticated adversaries. As a Sr. Engineer, you'll lead threat hunting operations, architect detection and prevention capabilities, and drive security enhancements across our product portfolio. You'll operate at both strategic and tactical levels alongside a close-knit team of industry-leading engineers, with direct and measurable impact on CrowdStrike's security posture at global scale.

• Lead threat hunting operations against emergent threat activity involving platform misuse — to determine impact and drive resolution

• Design and implement monitoring solutions to detect anomalies and potential abuse across external-facing services, APIs, and authentication surfaces

• Lead technical aspects of incident response, including attack vector analysis, countermeasure implementation, and post-incident review

• Develop automation and purpose-built tooling to streamline detection, mitigation, and reporting workflows

• Instrument event-driven tooling to drive hunting efficiency and proactive prevention of evolving TTPs

• Conduct regular security assessments and testing simulations targeting external attack surfaces and abuse vectors

• Advocate for and drive product security enhancements across the Falcon platform, influencing engineering teams to build abuse resistance into the product

• Implement and refine logging strategies to enhance visibility into potential abuse scenarios across cloud-native infrastructure

• Contribute to roadmap and strategic planning for abuse prevention, balancing proactive and reactive capabilities

• Support follow-the-sun operational coverage as part of a globally distributed team

What You Need:

• Motivated self-starter with 7+ years of experience in a cybersecurity engineering or threat intelligence environment, with a significant focus on threat hunting, attack mitigation, and tooling

• Proficiency in security automation and tool development

• Practical experience with cloud computing platform security services — particularly as they relate to infrastructure protection, identity and access management, and continuous monitoring

• Deep familiarity with abuse-relevant attack patterns including credential stuffing, account takeover, API abuse, trial fraud, and adversarial misuse of security tooling

• Ability to identify when external-facing services are exceeding baselines and correlate deviations with potential attack indicators

• Comprehensive understanding of TTPs employed by threat actors and the evolving threat landscape, including nation-state and eCrime actors

• Passionate about taking initiative to identify and develop enrichments and enhanced visibility

• Enthusiasm for collaboration across functional teams — including Product & Engineering — to drive platform-wide abuse resistance

Bonus Points:

• Experience leveraging AI coding assistants and LLM-based tools as a force multiplier — accelerating tooling development, detection engineering, and automation at a pace beyond traditional workflows

• Experience applying data science techniques — such as machine learning, neural networks, or streaming anomaly detection — to generate threat signals, identify behavioral outliers, or integrate disparate datasets at enterprise scale

• Experience with front-end UI design, including contributions to large and complex codebases using HTML5, JavaScript, React, or similar technologies

• Experience with SIEM platforms (e.g., LogScale) for large-scale threat hunting and detection engineering

• Experience with identity and authentication systems, including OAuth, SAML, MFA bypass techniques, and session abuse patterns

• Expertise in designing and implementing robust network and cloud security measures, and comprehensive logging and monitoring for threat detection and incident response

• Experience operating in or supporting a follow-the-sun security operations model

• Strong background in OSINT, cybercrime investigations, or intelligence collection involving complex adversarial networks

• Background in trust and safety, fraud detection, or abuse engineering at a SaaS or cloud platform

• Familiarity with the CrowdStrike Falcon platform and its sensor, cloud, and API architecture

• Exceptional problem-solving abilities with a methodical approach to complex, ambiguous security challenges

• Strong written and verbal communication skills for both technical and non-technical audiences, including executive stakeholders

• Self-motivated with the ability to work independently and as part of a globally distributed, collaborative team

• Excellent time management and ability to prioritize effectively under pressure

• Passion for continuous learning and staying current with emerging threats, adversary tradecraft, and the abuse landscape

#LI-Remote
#LI-CS1

Benefits of Working at CrowdStrike:

• Market leader in compensation and equity awards

• Comprehensive physical and mental wellness programs 

• Competitive vacation and holidays for recharge  

• Paid parental and adoption leaves

• Professional development opportunities for all employees regardless of level or role

• Employee Networks, geographic neighborhood groups, and volunteer opportunities to build connections

• Vibrant office culture with world class amenities

• Great Place to Work Certified™ across the globe

CrowdStrike is proud to be an equal opportunity employer. We are committed to fostering a culture of belonging where everyone is valued for who they are and empowered to succeed. We support veterans and individuals with disabilities through our affirmative action program.

CrowdStrike is committed to providing equal employment opportunity for all employees and applicants for employment. The Company does not discriminate in employment opportunities or practices on the basis of race, color, creed, ethnicity, religion, sex (including pregnancy or pregnancy-related medical conditions), sexual orientation, gender identity, marital or family status, veteran status, age, national origin, ancestry, physical disability (including HIV and AIDS), mental disability, medical condition, genetic information, membership or activity in a local human rights commission, status with regard to public assistance, or any other characteristic protected by law. We base all employment decisions--including recruitment, selection, training, compensation, benefits, discipline, promotions, transfers, lay-offs, return from lay-off, terminations and social/recreational programs--on valid job requirements.

If you need assistance accessing or reviewing the information on this website or need help submitting an application for employment or requesting an accommodation, please contact us at [email protected] for further assistance.

Find out more about your rights as an applicant.

CrowdStrike participates in the E-Verify program.

Notice of E-Verify Participation

Right to Work

For detailed information about the U.S. benefits package, please click here.