Professional Services Principal Consultant - Red Team (Remote, SAU) Crowdstrike

The Principal Red Team Consultant will execute and lead Red Team and penetration testing engagements, working with CrowdStrike customers to test their ability to prevent, detect, and respond to attacks against their ICT systems. The Senior Red Team Consultant is expected to be able to coordinate with senior leadership, plan, and oversee execution of assessments and assist the other CrowdStrike Services functions to help improve customers' security defence. This person should be capable of supporting, managing, and mentoring less experienced Red Team members.

The right individual for our team should have excellent energy, drive and a real desire to help organisations find and fix gaps in their security controls. Strong communication and technical skills are a must, along with the ability to collaborate with teammates in the APJ region and globally. If you have penetration testing experience you are encouraged to apply.

What You ll Do:

• Work as an operator and project manager, coordinating with clients and team members to execute Red Team and penetration testing assessments

• Develop high-quality reports detailing identified attack paths, vulnerabilities, and pragmatic recommendations for remediation, written for both management and technical audiences.

• Contribute to development of the Red Team's capabilities via tool development, research, and mentorship to junior team members.

• Produce high-quality written and verbal reports, presentations, recommendations, and findings to customer management.

• Present technical material to non-technical and technical audiences

• Demonstrate industry thought leadership through blog posts, CrowdCasts, and other public speaking events.

What You ll Need:

• Experience conducting Red Team/penetration testing assessments

• Advanced experience with common pentest/Red Team tools, including common C2 frameworks.

• Advanced experience attacking Active Directory and other common enterprise infrastructure.

• Advanced experience attacking AWS, Azure and other cloud infrastructure.

• Tool development experience and/or experience in automation and scripting of applications and systems.

• Extensive knowledge of attacks on one of: Windows / *NIX / MacOS operating systems, familiarity attacking others.

• Security community participation (conference speaker, blogger, tool development, etc.) is highly preferred

• Advanced experience attacking networking components (routers, switches, firewalls, wireless access points, etc.) is desirable

• Communication: exceptional written and oral communication skills. Ability to write and present technical content, including being able to present to senior executives.

Bonus Points:

• Relevant certifications are desirable but not required - e.g. OSCP, OSEP, OSED, GPEN, GXPN, CRT, CCT-Inf, CCSAS, CRTP, CRTO, etc.