Job Description:
• Own end-to-end strategy, implementation, and operational health of CrowdStrike Falcon Identity Protection and the CSPM capabilities within CrowdStrike Cloud Security
• Proactively identify identity-based threats, misconfigurations, and cloud security gaps; drive remediation to closure in accordance with client policies and procedures
• Configure, tune, and maintain identity protection policies, IOM and IOA policies, and risk-based authentication controls
• Serve as the escalation point and trusted technical advisor to client leadership on identity and cloud security matters
• Develop runbooks, detection logic, and automation to reduce manual effort and improve response times
• Monitor the threat landscape and translate emerging risks into actionable hardening recommendations
• Coordinate and lead governance calls with stakeholders; produce agenda, notes, and follow-up actions independently
• Partner with other cybersecurity teams to integrate CrowdStrike telemetry into broader security operations
• Produce metrics, dashboards, and executive-level reporting on identity and cloud security posture
• Apply deep knowledge of identity-based attack techniques — including lateral movement, credential theft, Kerberoasting, and pass-the-hash — to inform detection and response strategy
Requirements:
• 7+ years of cybersecurity experience with a minimum of 2–3 years of hands-on administration of the CrowdStrike Falcon platform
• Demonstrated expertise with CrowdStrike Falcon Identity Protection, including policy configuration, threat detection, and conditional access
• Strong working knowledge of CrowdStrike Cloud Security, specifically CSPM
• Deep understanding of identity and access management concepts: Active Directory, Azure AD/Entra ID, LDAP, Kerberos, SAML, and OAuth
• Hands-on cloud security experience with Microsoft Azure including IAM, network security, and posture management
• Solid understanding of privileged access management and identity-based attack techniques (lateral movement, credential theft, Kerberoasting, pass-the-hash)
• Proven ability to work autonomously, set priorities, and drive outcomes without close supervision
• Strong written and verbal communication skills, including the ability to explain technical risk to non-technical stakeholders
• Background in consulting or client-facing delivery roles
• Bachelor's degree in a related field or equivalent practical experience (4 additional years of relevant experience)
• At least one of the following active certifications: CWNE, CNDA (EC-Council), CEH (EC-Council), GPPA (GIAC), GCUX (GIAC), GCWN (GIAC), GMON (GIAC), GSE (GIAC), ITIL v3 Foundations, CCSP (ISC2), CISSP (ISC2), CISSP-ISSAP (ISC2), CISSP-ISSEP (ISC2), SSCP (ISC2), GWEB (GIAC), GISF (GIAC), GISP (GIAC), GSSP-.NET (GIAC), GSSP-JAVA (GIAC), GSEC (GIAC), or GSLC (GIAC)
• US Citizenship or Permanent Residency required; must be eligible for and willing to obtain a public trust clearance
• All work must be performed within the continental United States
Benefits:
• Medical — Multiple POS health plan options including an HSA-compatible plan
• Dental — PPO coverage for preventive, basic, and major services
• Vision — Annual exam, frames, lenses, and contact lens allowance
• 401(k) — Employer match up to 5% of eligible compensation
• PTO — 15–25 days annually based on tenure
• Paid Federal Holidays — All 11 federal holidays observed