Intelligence Intern - Emerging Threats

About the Role:

This is a highly technical position on one of two teams within the Technical Analysis Cell (TAC), at the forefront of CrowdStrike's mission against nation state and criminal adversaries. Both teams are tasked with investigating, reconstructing and reverse engineering newly discovered, malicious artifacts and documenting analysis results as a stream of intelligence reporting. We are often the first to analyze previously unknown threats. One team encounters mobile malware (primarily APKs); The other team analyses cloud activity logs; We respond quickly when needed and perform equally well at conducting detailed analysis. Communication and collaboration with other teams of CrowdStrike is highly important to facilitate this.

As distributed international teams, we are looking for an energetic self-starter with the ability to take ownership and be accountable for deliverables while at the same time supporting and helping to improve upon our analysis workflow. If you'd like to work with passionate people in a fast-paced, team-oriented environment, you've come to the right place!

Depending on the candidates aptitude we can offer a role on one of two teams: The Mobile Mission or the Cloud Mission

Cloud Mission

What You’ll Do:

• Maintain a detailed understanding of the technical details of cloud intrusions through analyzing cloud provider activity logs, such as AWS CloudTrail and Azure Activity Logs.

• Convert your understanding to an intelligence report

What You’ll Need:

• Actively enrolled in a university, studying Computer Science, Cyber Security or related field (2027 graduate).

• Familiarity with at least one cloud service provider (AWS, Azure, GCP) as a user e.g., creating identities

• Investigative mindset

• Team player: someone who is eager to help, teach, and learn from others

• Strong problem-solving skills

• Independent Learner

Bonus Points:

• Knowledge of programming and scripting languages, in particular Python

• Ability to express complex technical and non-technical concepts

• Understanding of identity and access management for at least one major cloud service provider (AWS, Azure, GCP)

• Familiarity with at least one major cloud service provider’s (AWS, Azure, GCP) cloud activity logs e.g. CloudTrail, Azure Activity logs, GCP Audit Logs

Mobile Mission

What You’ll Do:

• Create tools to automate analysis tasks and tracking of threat actors.

• Contribute to active mitigation efforts with technical expertise.

• Track relations between new threats and existing actors using in-house tools.

• Document threat evolutions and intelligence gaps for the broader Intelligence Team.

• Create host-based and network-based signatures suited for large-scale hunting, detection, and tracking of threats.

What You’ll Need:

• Actively enrolled in a university, studying Computer Science, Cyber Security or related field (2027 graduate).

• Team player: someone who is eager to help, teach, and learn from others

• Malware-analysis or knowledge of reverse-engineering principles

• First exposure to analyzing malware targeting mobile devices

• Ability to reconstruct incidents based on cloud activity logs from at least one major cloud service provider (AWS, Azure, or GCP)

• Strong problem-solving skills

• Ability to express complex technical and non-technical concepts

• Ability to learn new analysis techniques quickly, especially when faced with less-common file types

• Solid writing skills

• Knowledge of programming and scripting languages, in particular Python

Bonus Points:

• Solid understanding of mobile platforms

• Dynamic instrumentation frameworks

• Experience identifying and classifying malicious tooling through development of signatures that can be used for tracking and hunting purposes

• Familiarity with at least a couple of the following tools and languages;

• IDA

• Ghidra

• JEB

• WinDbg

• x86dbg/x64dbg

• Parallels or Virtual Box

• Java

• C/C++

• Rust

• Golang

• C#

• .NET

This is a 12 week internship commencing on Monday 1st June and completing on Friday 21st August.

What You Can Expect:

• Remote-friendly and flexible work culture

• Market leader in compensation and equity awards

• Paid holidays (including birthday holidays) and 401k matching (where applicable)

• Professional development opportunities including workshops, tech talks, and Executive Speaker Series

• Assigned mentors from across the company for continuous support and feedback

• Participation in companywide initiatives including FalconFIT, Wellness Programs, and Employee Assistance Program

• Employee Networks, geographic neighborhood groups, and volunteer opportunities to build connections

• Vibrant office culture with world class amenities

• Ownership of impactful projects that move the company forward

• Great Place to Work Certified™ across the globe

CrowdStrike is proud to be an equal opportunity employer. We are committed to fostering a culture of belonging where everyone is valued for who they are and empowered to succeed. We support veterans and individuals with disabilities through our affirmative action program.

CrowdStrike is committed to providing equal employment opportunity for all employees and applicants for employment. The Company does not discriminate in employment opportunities or practices on the basis of race, color, creed, ethnicity, religion, sex (including pregnancy or pregnancy-related medical conditions), sexual orientation, gender identity, marital or family status, veteran status, age, national origin, ancestry, physical disability (including HIV and AIDS), mental disability, medical condition, genetic information, membership or activity in a local human rights commission, status with regard to public assistance, or any other characteristic protected by law. We base all employment decisions--including recruitment, selection, training, compensation, benefits, discipline, promotions, transfers, lay-offs, return from lay-off, terminations and social/recreational programs--on valid job requirements.

If you need assistance accessing or reviewing the information on this website or need help submitting an application for employment or requesting an accommodation, please contact us at recruiting@crowdstrike.com for further assistance.