Sr. Engineer- Product Abuse (Remote)

As a global leader in cybersecurity, CrowdStrike protects the people, processes and technologies that drive modern organizations. Since 2011, our mission hasn’t changed — we’re here to stop breaches, and we’ve redefined modern security with the world’s most advanced AI-native platform. Our customers span all industries, and they count on CrowdStrike to keep their businesses running, their communities safe and their lives moving forward. We’re also a mission-driven company. We cultivate a culture that gives every CrowdStriker both the flexibility and autonomy to own their careers. We’re always looking to add talented CrowdStrikers to the team who have limitless passion, a relentless focus on innovation and a fanatical commitment to our customers, our community and each other. Ready to join a mission that matters? The future of cybersecurity starts with you.About the RoleCrowdStrike's Product Abuse team sits at the intersection of threat intelligence, detection engineering, and platform security — defending the Falcon platform against sophisticated adversaries. As a Sr. Engineer, you'll lead threat hunting operations, architect detection and prevention capabilities, and drive security enhancements across our product portfolio. You'll operate at both strategic and tactical levels alongside a close-knit team of industry-leading engineers, with direct and measurable impact on CrowdStrike's security posture at global scale.What You'll DoLead threat hunting operations against emergent threat activity involving platform misuse — to determine impact and drive resolutionDesign and implement monitoring solutions to detect anomalies and potential abuse across external-facing services, APIs, and authentication surfacesLead technical aspects of incident response, including attack vector analysis, countermeasure implementation, and post-incident reviewDevelop automation and purpose-built tooling to streamline detection, mitigation, and reporting workflowsInstrument event-driven tooling to drive hunting efficiency and proactive prevention of evolving TTPsConduct regular security assessments and testing simulations targeting external attack surfaces and abuse vectorsAdvocate for and drive product security enhancements across the Falcon platform, influencing engineering teams to build abuse resistance into the productImplement and refine logging strategies to enhance visibility into potential abuse scenarios across cloud-native infrastructureContribute to roadmap and strategic planning for abuse prevention, balancing proactive and reactive capabilitiesSupport follow-the-sun operational coverage as part of a globally distributed teamWhat You Need:Motivated self-starter with 7+ years of experience in a cybersecurity engineering or threat intelligence environment, with a significant focus on threat hunting, attack mitigation, and toolingProficiency in security automation and tool developmentPractical experience with cloud computing platform security services — particularly as they relate to infrastructure protection, identity and access management, and continuous monitoringDeep familiarity with abuse-relevant attack patterns including credential stuffing, account takeover, API abuse, trial fraud, and adversarial misuse of security toolingAbility to identify when external-facing services are exceeding baselines and correlate deviations with potential attack indicatorsComprehensive understanding of TTPs employed by threat actors and the evolving threat landscape, including nation-state and eCrime actorsPassionate about taking initiative to identify and develop enrichments and enhanced visibilityEnthusiasm for collaboration across functional teams — including Product & Engineering — to drive platform-wide abuse resistanceBonus Points:Experience leveraging AI coding assistants and LLM-based tools as a force multiplier — accelerating tooling development, detection engineering, and automation at a pace beyond traditional workflowsExperience applying data science techniques — such as machine learning, neural networks, or streaming anomaly detection — to generate threat signals, identify behavioral outliers, or integrate disparate datasets at enterprise scaleExperience with front-end UI design, including contributions to large and complex codebases using HTML5, JavaScript, React, or similar technologiesExperience with SIEM platforms (e.g., LogScale) for large-scale threat hunting and detection engineeringExperience with identity and authentication systems, including OAuth, SAML, MFA bypass techniques, and session abuse patternsExpertise in designing and implementing robust network and cloud security measures, and comprehensive logging and monitoring for threat detection and incident responseExperience operating in or supporting a follow-the-sun security operations modelStrong background in OSINT, cybercrime investigations, or intelligence collection involving complex adversarial networksBackground in trust and safety, fraud detection, or abuse engineering at a SaaS or cloud platformFamiliarity with the CrowdStrike Falcon platform and its sensor, cloud, and API architectureSoft SkillsExceptional problem-solving abilities with a methodical approach to complex, ambiguous security challengesStrong written and verbal communication skills for both technical and non-technical audiences, including executive stakeholdersSelf-motivated with the ability to work independently and as part of a globally distributed, collaborative teamExcellent time management and ability to prioritize effectively under pressurePassion for continuous learning and staying current with emerging threats, adversary tradecraft, and the abuse landscape#LI-Remote#LI-CS1Benefits of Working at CrowdStrike:Market leader in compensation and equity awardsComprehensive physical and mental wellness programs Competitive vacation and holidays for recharge  Paid parental and adoption leavesProfessional development opportunities for all employees regardless of leve