Principal Consulant - SaaS Security Assessments (Remote) at CrowdStrike, Inc.

Posted in Other 12 days ago.

Location: Sunnyvale, California





Job Description:
CrowdStrike, Inc.

Full time

R21134

About the Role:
CrowdStrike is looking for highly motivated, self-driven, technical cloud security consultants dedicated to making a difference in global security by protecting organizations against the most advanced attackers in the world. Our CrowdStrike Professional Services team offers opportunities to expand your skill set through a wide variety of impactful consulting engagements for many of the world's leading organizations. The Technical Assessment Consultant would be responsible for identifying and assessing technical risks, while providing meaningful and prioritized recommendations to enhance the security posture of customer Software as a Service (SaaS) environments.
Am I a Cloud Technical Assessments candidate?
  • Do you find yourself interested in and keeping up with the latest SaaS identity (Okta, Entra ID, etc.) feature announcements, as well as SaaS vulnerabilities and breaches?

  • Are you self-motivated and looking for an opportunity to rapidly accelerate your skills?

  • Do you crave new and innovative work that actually matters to your customer?

  • Do you have a technical Information Security background that you’re not fully utilizing?

  • Are you capable of operating as an individual contributor and occasionally leading teams and interacting with customers?

  • Do you love working around like-minded, smart people who you can learn from and mentor on a daily basis?


  • What You’ll Do:
  • Lead engagements and perform analysis on technical assessments looking for evidence of compromise and/or security misconfigurations in SaaS platforms including

  • Produce high-quality written and verbal reports, presentations, recommendations, and findings to key stakeholders including customer management, regulators, and legal counsel.

  • Demonstrate industry thought leadership through blog posts, CrowdCasts, and other public speaking events.


  • What You’ll Need:
    Successful candidates will have experience in one or more of the following areas:
  • Knowledge of identity protocols, such as OAuth, SAML, and OpenID Connect for user access to SaaS applications.

  • An understanding of cloud identity, including RBAC, ABAC, SSO, MFA, and SaaS integration with cloud-based Identity Providers (IdPs).

  • A practical understanding of one or more of the following IdP platforms: Entra ID, Okta, Cloud Identity (Google Workspace), or Ping Identity.

  • An understanding of logging, monitoring, and alerting to detect unauthorized access to SaaS applications.

  • Hands-on experience reviewing SaaS or other platform security configurations including both using existing assessment tools and possibly scripting your own.

  • Communications: strong ability to communicate executive and/or detailed level findings to clients; ability to effectively communicate tasks, guidance, and methodology with internal teams.


  • Experience/training in the topics below is beneficial but not essential for consideration:
  • Familiarity with SaaS operations in an enterprise environment.

  • Knowledge of API authentication and authorization, including token-based security and OAuth.

  • Knowledge of SaaS architecture design principals, including data segmentation, multi-tenancy, and isolation.

  • Familiarity with one or more of SaaS security platforms.

  • Cloud Operations: familiarity with modern cloud workloads - DevOps, CICD pipelines, containers, and related security defenses and pitfalls.

  • Cloud Incident Response: knowledge in AWS, Azure, M365, or GCP incident response methodologies.

  • Incident Remediation: strong understanding of targeted attacks and able to create customized tactical and strategic remediation plans for compromised organizations related to major cloud platforms.


  • Additionally, all candidates must possess the following qualifications:
  • Capable of completing technical tasks without supervision.

  • Desire to grow and expand both technical and soft skills.

  • Strong project management skills.

  • Ability to foster a positive work environment and attitude.


  • Education:
    BA or BS / MA or MS degree in Computer Science, Computer Engineering, Math, Information Security, Information Assurance, Information Security Management, Intelligence Studies, Cybersecurity, or a related field. Applicants without a degree but with relevant work experience and/or training will be considered.
    Certifications:
    Holders of a CISSP, CISA, CISM, CCSP, or any practitioner or security certifications in AWS, Azure and GCP or other cloud/SaaS platforms may be considered in lieu of or in addition to a degree.

    #LI-AC1


    #LI-Remote


    CrowdStrike is proud to be an equal opportunity and affirmative action employer. We are committed to fostering a culture of belonging where everyone is valued for who they are and empowered to succeed. Our approach to cultivating a diverse, equitable, and inclusive culture is rooted in listening, learning and collective action. By embracing the diversity of our people, we achieve our best work and fuel innovation - generating the best possible outcomes for our customers and the communities they serve.

    All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. If you need assistance accessing or reviewing the information on this website or need help submitting an application for employment or requesting an accommodation, please contact us at recruiting@crowdstrike.com for further assistance.

    Find out more about your rights as an applicant.

    CrowdStrike participates in the E-Verify program.

    Notice of E-Verify Participation


    Right to Work








    PI255394649


    More jobs in Sunnyvale, California


    Meta

    Meta

    Infinera
    More jobs in Other


    i3

    i3

    Deployed Services, LLC