CrowdStrike Logo

CrowdStrike

Emerging Threats Intelligence Analyst Intern (Remote)

Posted 3 Days Ago
Be an Early Applicant
Remote
2 Locations
Internship
Remote
2 Locations
Internship
The internship involves analyzing cloud service activity logs, reconstructing cyber incidents, documenting findings, and potentially developing tools for automating threat analysis. Candidates will collaborate in a remote team to enhance cybersecurity measures against threats.
The summary above was generated by AI

As a global leader in cybersecurity, CrowdStrike protects the people, processes and technologies that drive modern organizations. Since 2011, our mission hasn’t changed — we’re here to stop breaches, and we’ve redefined modern security with the world’s most advanced AI-native platform. Our customers span all industries, and they count on CrowdStrike to keep their businesses running, their communities safe and their lives moving forward. We’re also a mission-driven company. We cultivate an inclusive culture that gives every CrowdStriker both the flexibility and autonomy to own their careers. We’re always looking to add talented CrowdStrikers to the team who have limitless passion, a relentless focus on innovation and a fanatical commitment to our customers, our community and each other. Our University Recruiting program is dedicated to attracting and cultivating the future leaders of this industry. This program offers paid positions for students and recent grads, designed to provide exposure to work that makes an impact while being supported through a structured experience with seasoned professionals. Ready to join a mission that matters? The future of cybersecurity starts with you.

About the Role:

This is a highly technical position on one of two teams within the Technical Analysis Cell (TAC), at the forefront of CrowdStrike's mission against nation state and criminal adversaries. Both teams are tasked with investigating, reconstructing and reverse engineering newly discovered, malicious artefacts and documenting analysis results as a stream of intelligence reporting. We are often the first to analyze previously unknown threats. One team encounters mobile malware (primarily APKs); The other team analyses cloud activity logs; We respond quickly when needed and perform equally well at conducting detailed analysis. Communication and collaboration with other teams of CrowdStrike is highly important to facilitate this.

As distributed international teams, we are looking for an energetic self-starter with the ability to take ownership and be accountable for deliverables while at the same time supporting and helping to improve upon our analysis workflow. If you'd like to work with passionate people in a fast-paced, team-oriented environment, you've come to the right place!

Depending on the candidates aptitude we can offer a role on one of two teams: The Mobile Mission or the Cloud Mission

What You’ll Do:

  • Maintain a detailed understanding of the technical details of cloud intrusions through analyzing cloud provider activity logs, such as AWS CloudTrail and Azure Activity Logs.

  • Convert your understanding to an intelligence report

What You’ll Need:

  • Familiarity with at least one cloud service provider (AWS, Azure, GCP) as a user e.g., creating identities

  • Investigative mindset

  • Team player: someone who is eager to help, teach, and learn from others

  • Strong problem-solving skills

  • Independent Learner

Bonus Points:

  • Knowledge of programming and scripting languages, in particular Python

  • Ability to express complex technical and non-technical concepts

  • Understanding of identity and access management for at least one major cloud service provider (AWS, Azure, GCP)

  • Familiarity with at least one major cloud service provider’s (AWS, Azure, GCP) cloud activity logs e.g. CloudTrail, Azure Activity logs, GCP Audit Logs

What You’ll Do:

  • Create tools to automate analysis tasks and tracking of threat actors.

  • Contribute to active mitigation efforts with technical expertise.

  • Track relations between new threats and existing actors using in-house tools.

  • Document threat evolutions and intelligence gaps for the broader Intelligence Team.

  • Create host-based and network-based signatures suited for large-scale hunting, detection, and tracking of threats.

What You’ll Need:

  • Team player: someone who is eager to help, teach, and learn from others

  • Malware-analysis or knowledge of reverse-engineering principles

  • First exposure to analyzing malware targeting mobile devices

  • Ability to reconstruct incidents based on cloud activity logs from at least one major cloud service provider (AWS, Azure, or GCP)

  • Strong problem-solving skills

  • Ability to express complex technical and non-technical concepts

  • Ability to learn new analysis techniques quickly, especially when faced with less-common file types

  • Solid writing skills

  • Knowledge of programming and scripting languages, in particular Python

  • Actively enrolled in university and completing an undergraduate degree in Cybersecurity, Computer Science or related field in your penultimate year of study (2026 graduate)

Bonus Points:

  • Solid understanding of mobile platforms

  • Dynamic instrumentation frameworks

  • Experience identifying and classifying malicious tooling through development of signatures that can be used for tracking and hunting purposes

  • Familiarity with at least a couple of the following tools and languages;

  • IDA

  • Ghidra

  • JEB

  • WinDbg

  • x86dbg/x64dbg

  • Parallels or Virtual Box

  • Java

  • C/C++

  • Rust

  • Golang

  • C#

  • .NET

This is a 12 week internship commencing on Monday 2nd June and completing on Friday 22nd August.

#LI-Remote

#LI-RM1

What You Can Expect:

  • Remote-friendly and flexible work culture

  • Market leader in compensation and equity awards

  • Paid holidays (including birthday holidays) and 401k matching

  • Professional development opportunities including workshops, tech talks, and Executive Speaker Series

  • Assigned mentors from across the company for continuous support and feedback

  • Participation in companywide initiatives including ERGs, FalconFIT, Wellness Programs, and Employee Assistance Program

  • Employee Resource Groups, geographic neighbourhood groups and volunteer opportunities to build connections

  • Vibrant office culture with world class amenities

  • Ownership of impactful projects that move the company forward

  • Great Place to Work Certified™ across the globe

CrowdStrike is proud to be an equal opportunity and affirmative action employer. We are committed to fostering a culture of belonging where everyone is valued for who they are and empowered to succeed. Our approach to cultivating a diverse, equitable, and inclusive culture is rooted in listening, learning and collective action. By embracing the diversity of our people, we achieve our best work and fuel innovation - generating the best possible outcomes for our customers and the communities they serve.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. If you need assistance accessing or reviewing the information on this website or need help submitting an application for employment or requesting an accommodation, please contact us at [email protected]
for further assistance.

Top Skills

C
C#
C++
Go
Java
Python
Rust

Similar Jobs at CrowdStrike

Be an Early Applicant
3 Days Ago
4 Locations
Remote
10,000 Employees
Entry level
10,000 Employees
Entry level
Cloud • Information Technology • Sales • Security • Cybersecurity
As a Security Researcher, you will conduct technical analysis of cyber intrusions, enhance understanding of tools used in attacks, produce reports and collaborate with teams to track adversaries and improve detection strategies.
Be an Early Applicant
13 Days Ago
4 Locations
Remote
10,000 Employees
Senior level
10,000 Employees
Senior level
Cloud • Information Technology • Sales • Security • Cybersecurity
The Senior Security Researcher will track and analyze data from the cybercriminal underground to protect CrowdStrike's customers. Responsibilities include conducting research, managing collections projects, and collaborating with stakeholders. The role requires strong operational security knowledge and experience in cyber threat intelligence.
Be an Early Applicant
13 Days Ago
2 Locations
Remote
10,000 Employees
Senior level
10,000 Employees
Senior level
Cloud • Information Technology • Sales • Security • Cybersecurity
The Senior VoIP Engineer will expand and support enterprise VoIP systems, provide advanced support, and ensure excellent customer service in a dynamic environment. Responsibilities include troubleshooting, incident management, vendor management, and contributing to continuous improvement in VoIP platforms.

What you need to know about the Bristol Tech Scene

Along with Gloucester, Swindon and Bath, Bristol is part of the "Silicon Gorge" tech hub, a region in the U.K. renowned for its high-tech and research-driven industries, with a particular emphasis on sustainability and reducing environmental impact. As the European Green Capital, Bristol is home to 25,000 cleantech companies, including Baker Hughes and unicorn Ovo Energy. The city has committed to achieving net-zero emissions within the next decade.

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account