Senior Malware Reverse Engineer

Full Time
Irvine, CA
Areas of Interest: All Source Intelligence, Vulnerability Assessment and Management
report a problem
Virtual / Telecommute
Remote work is frequently a way to describe working from a home office or being a telecommuter. Depending on the job and company, remote work offers the ability to work from anywhere in the world. To do a remote job, professionals need access to tools like phone/internet service and a quiet place to work without distraction.

Your dream job at CrowdStrike is waiting
Join the company now backed by Google Capital 

CrowdStrike is a leading provider of next-generation endpoint protection, threat intelligence, and pre- and post incident response services. We are the fastest growing endpoint protection company, one of the World's Most 50 Innovative Companies according to MIT, and one of Forbes Most Promising Companies. Our growth and innovation are driven by incredible employees who deliver unmatched customer success. Join us today! 

The CrowdStrike Intelligence Team is seeking a motivated senior malware reverse engineer with excellent technical skills to research advanced cybercriminal attacks. The Intelligence Team’s Technical Analysis Cell (TAC) is at the forefront of CrowdStrike’s battles with nation state adversaries and criminal actors. We combine world-class intelligence analysis with deep-dive reverse engineering and malicious code analysis, building and using cutting-edge automation systems to deliver actionable indicators and operational insights. This is a highly technical position on the E-Crime TAC team that serves an important role in developing finished intelligence products, conducting analysis, increasing our coverage of the global threat landscape, and contributing to the continuous tracking of criminal adversary groups.

*Must be located in the U.S., U.K., Canada, Australia, Germany, or the Netherlands.


  • Discover, analyze and track advanced cyber-attack campaigns through malware reverse engineering and document findings.
  • Produce high-quality threat intelligence reporting for all levels of readership, including actionable mitigation and detection guidance.
  • Develop tools to assist with automation of malware analysis tasks and tracking of threat actors.
  • Contribute to active mitigation efforts and support incident response engagements with technical expertise.
  • Write blog articles on novel threats and research results.




  • Profound knowledge of reverse engineering tools (disassemblers, decompilers, debuggers) and processes (unpacking malware, reconstructing code logic, etc).
  • At least five years of experience in static and dynamic malicious code reverse engineering.
  • Strong knowledge of the most prevalent E-Crime malware families and botnets.
  • Knowledge of programming and scripting languages, in particular Python.
  • Solid understanding of Windows OS internals and the Windows API.
  • Ability to analyze raw network data and to develop custom protocol decoders and decryption tools.
  • Ability to express complex technical and non-technical concepts in verbal and graphical products.
  • Excellent writing skills are mandatory.


  • A background in exploit and vulnerability analysis is a plus.
  • At least ten years of experience in static and dynamic malicious code reverse engineering.
  • MA/MS degree, Ph.D. or equivalent experience in Computer Science, or a related field.


  • BA/BS or equivalent experience in Computer Science, or a related field


CrowdStrike is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex including sexual orientation and gender identity, national origin, disability, protected veteran status, or any other characteristic protected by applicable federal, state, or local law.

External Recruiting Agencies/Vendors: CrowdStrike does not accept unsolicited resumes from any external agency. Unsolicited resumes submitted by agencies to CrowdStrike will become the property of CrowdStrike and may be contacted and engaged with directly by CrowdStrike. CrowdStrike has not agreed to pay placement or any other fee to companies who have not been specifically retained to conduct a candidate search or for any unsolicited resume.

Share this job:


CrowdStrike™ is a leading provider of next-generation endpoint protection, threat intelligence, and pre- and post incident response services. CrowdStrike Falcon is the first true Software as a Service (SaaS) based platform for next-generation endpoint protection that detects, prevents, and responds to attacks, at any stage - even malware-free intrusions. Falcon’s patented lightweight endpoint sensor can be deployed to over 100,000 endpoints in hours providing visibility into billions of events in real-time. CrowdStrike operates on a highly scalable subscription-based business model that allows customers the flexibility to use CrowdStrike-as-a-Service to multiply their security team’s effectiveness and expertise with 24/7 endpoint visibility, monitoring, and response.
Visit CrowdStrike's Social Media pages:
Company Industry: Computer & Network Security
Company Size: 201-500