Home
Recruiter
Log In

Sr. Security Researcher II (Remote, DEU)

Remote from
Germany flag
Germany
Annual salary
Undisclosed
Salary information is not provided for this position. Check our Salary Directory to estimate the average compensation for similar roles.
Department
Technical Support
Employment type
Full Time,
Job posted
Apply before
29 Jun 2026
Experience level
Midweight
Views / Applies
13 / 2
About company Share

About CrowdStrike

Stop breaches to allow our customers to go, protect, heal, and change the world.

Verified job posting
This job post has been manually reviewed for authenticity and compliance.

AI Summary

CrowdStrike is seeking a Senior Security Researcher II for their Advanced Research Team (ART) to conduct vulnerability research, develop automated tools for data analysis, and collaborate across teams. The role involves analyzing patches, identifying exploits, and publishing research. Candidates need strong reverse engineering, software development, and OS internals knowledge. The position is remote in Germany, offering flexibility and autonomy.

Role DNA

Job Complexity
Easy Hard
Pace & Pressure
Relaxed Fast-paced
Autonomy Level
Guided Full Ownership
Communication Load
Independent Highly Collaborative
AI Insight The role requires expert-level skills in vulnerability research, exploit development, and reverse engineering, with 4+ years of experience, making it highly challenging.

Salary Analysis

Median Market Rate
$180,000
US Market
$130k – $250k
0 $275k
AI Insight Salary not provided; estimated median $180,000 based on US market for senior security researcher roles. This is competitive for the skill level required.

Key Skills

Vulnerability Research Exploit Development Reverse Engineering Python Windows Internals Linux Internals GenAI/LLMs Threat Intelligence Malware Analysis Security Automation

I am excited to apply for the Sr. Security Researcher II position at CrowdStrike. With over 5 years of experience in vulnerability research and exploit development, I have a strong track record of identifying and mitigating advanced threats. My expertise in reverse engineering and Python development aligns with the role's requirements for automated analysis and tooling.

I am particularly drawn to CrowdStrike's mission to stop breaches and its AI-native platform. I have successfully analyzed vendor patches and developed proof-of-concept exploits, and I thrive in collaborative, remote environments. My background includes contributions to CTF competitions and published research in the cybersecurity community.

I am eager to bring my skills to the Advanced Research Team and contribute to cutting-edge threat intelligence. Thank you for considering my application.

Describe your experience with vulnerability research and exploit development. Provide an example of a complex vulnerability you discovered or analyzed.
I have over 5 years of experience in vulnerability research. For example, I analyzed a Microsoft Windows kernel patch to identify a privilege escalation vulnerability, developed a proof-of-concept exploit, and reported it responsibly. This involved reverse engineering the patch, understanding the root cause, and crafting an exploit that bypassed mitigations.
How have you used GenAI or LLMs in your security research?
I have used LLMs to automate code analysis and generate fuzzing harnesses. For instance, I leveraged GPT-4 to review decompiled code and identify potential vulnerabilities, significantly speeding up the analysis process. I also use them to generate regular expressions for pattern matching in large datasets.
Explain a time you had to reverse engineer a piece of malware. What tools and techniques did you use?
I analyzed a sophisticated APT malware sample using IDA Pro and WinDbg. I used dynamic analysis to trace system calls and static analysis to identify obfuscation techniques. I documented the malware's capabilities, including its command-and-control protocol, and shared indicators of compromise with the threat intelligence team.
How do you approach analyzing vendor patches to identify vulnerabilities?
I start by comparing patched and unpatched binaries using tools like Diaphora or Bindiff. I focus on changed functions that could indicate security fixes. Then I analyze the root cause of the vulnerability, often by tracing the patch logic and understanding the affected component. I then attempt to reproduce the vulnerability in the unpatched version.
Describe your experience with Windows and Linux internals. How has this knowledge helped in your research?
I have deep knowledge of Windows kernel internals (e.g., process management, memory management, and security mechanisms) and Linux systems (e.g., system calls, kernel modules). This understanding is crucial for developing exploits that bypass protections like ASLR and DEP. For example, I used knowledge of Windows kernel pool structures to exploit a heap overflow vulnerability.

As a global leader in cybersecurity, CrowdStrike protects the people, processes and technologies that drive modern organizations. Since 2011, our mission hasn’t changed — we’re here to stop breaches, and we’ve redefined modern security with the world’s most advanced AI-native platform. Our customers span all industries, and they count on CrowdStrike to keep their businesses running, their communities safe and their lives moving forward. We’re also a mission-driven company. We cultivate a culture that gives every CrowdStriker both the flexibility and autonomy to own their careers. We’re always looking to add talented CrowdStrikers to the team who have limitless passion, a relentless focus on innovation and a fanatical commitment to our customers, our community and each other. Ready to join a mission that matters? The future of cybersecurity starts with you.

About the Role:

CrowdStrike Intelligence is seeking a motivated security researcher with excellent technical skills to join the Advanced Research Team (ART). Security Researchers within ART will be expected to apply a broad set of skills to support the CrowdStrike Intelligence mission. ART is responsible for researching and publishing on topics related to information security, providing technical expertise to other teams within CrowdStrike Intelligence, developing tools to support analysts in their day-to-day duties, and collecting technical artifacts about adversary activity.

Aside from working on longer-term research and collection projects, ART security researchers will be required to provide unique solutions on short notice to serve ad-hoc needs by other teams within CrowdStrike Intelligence.

What You’ll Do:

  • Develop automated solutions for collecting, processing and analyzing data at scale, e.g.

    • Vendor patch processing and analysis

    • Identification of exploits in large file collections

    • Identification of browser exploits

    • Identification of malicious infrastructure

  • Perform vulnerability research on a wide variety of targets, e.g.

    • Analyze vendor patches to identify vulnerabilities and develop proof-of-concept exploits

    • Review evidence of malicious activities (e.g. log files, payloads) to confirm exploitation of 0-day and n-day vulnerabilities, identify root causes and reproduce exploits

    • Identify new vulnerabilities in applications or products

  • Collaborate across other teams at CrowdStrike Intelligence and beyond to

    • Reproduce emerging vulnerabilities and provide actionable technical information

    • Inform on information security topics

    • Satisfy unique technical collection requirements

  • Publish research results on the CrowdStrike blog or at conferences

What You’ll Need:

  • Proficiency in English, both written and spoken

  • Strong information security background with 4+ years experience

  • Vulnerability research and exploit development experience

  • Ability to effectively leverage GenAI/LLMs to aid in software development and perform vulnerability research

  • Reverse engineering experience

  • Solid understanding of Microsoft Windows and Linux operating system internals

  • Solid software development experience (Python preferred)

  • Excellent problem solving skills, creativity and strong analytical skills to investigate, assess, validate, and think outside the box

  • Ability to work independently, with a customer-oriented mindset

  • Ability to work remotely, in a collaborative team environment

Bonus Points:

  • Successful participation in CTF competitions

  • Experience with mobile platforms and operating systems (e.g. Android, iOS)

  • Experience with macOS

  • Experience with the Go or Rust programming languages

  • Threat Intelligence background

Education:

  • M.A./M.Sc. or equivalent professional experience in Information Security/Computer Science/Computer Engineering, or a related field

#LI-Remote

#LI-EV1

Benefits of Working at CrowdStrike:

  • Market leader in compensation and equity awards

  • Comprehensive physical and mental wellness programs

  • Competitive vacation and holidays for recharge

  • Paid parental and adoption leaves

  • Professional development opportunities for all employees regardless of level or role

  • Employee Networks, geographic neighborhood groups, and volunteer opportunities to build connections

  • Vibrant office culture with world class amenities

  • Great Place to Work Certified™ across the globe

CrowdStrike is proud to be an equal opportunity employer. We are committed to fostering a culture of belonging where everyone is valued for who they are and empowered to succeed. We support veterans and individuals with disabilities through our affirmative action program.

CrowdStrike is committed to providing equal employment opportunity for all employees and applicants for employment. The Company does not discriminate in employment opportunities or practices on the basis of race, color, creed, ethnicity, religion, sex (including pregnancy or pregnancy-related medical conditions), sexual orientation, gender identity, marital or family status, veteran status, age, national origin, ancestry, physical disability (including HIV and AIDS), mental disability, medical condition, genetic information, membership or activity in a local human rights commission, status with regard to public assistance, or any other characteristic protected by law. We base all employment decisions–including recruitment, selection, training, compensation, benefits, discipline, promotions, transfers, lay-offs, return from lay-off, terminations and social/recreational programs–on valid job requirements.

If you need assistance accessing or reviewing the information on this website or need help submitting an application for employment or requesting an accommodation, please contact us at [email protected] for further assistance.

Apply now >

Annual salary information is not provided for this position. Explore salary ranges for similar roles in our Salary Directory ›

This job listing has been manually reviewed by the Jobicy Trust & Safety Team for compliance with our posting guidelines, including verification of the company's legitimacy, accuracy of job details, clarity of remote work policy, and absence of misleading or fraudulent content.

How to apply

Did you apply? Let us know, and we’ll help you track your application.

For safety tips, see our guides, and please let us know if you need any assistance.

Log in to save
You're almost done!

Create a free account with us to save a history of all jobs you've shown interest in.

You can also continue as a guest if you prefer.

Share

See a few more

Similar Technical Support remote jobs

More Jobs

Job Search Safety Tips

Here are some tips to help you search and apply for jobs safely:
Watch out for suspicious jobs Don't apply for jobs that offer high pay for little work or offer to hire you without an interview. Read more ›
Check the employer's profile Make sure you're applying for a trustworthy job by visiting the employer's profile and learning more about them. Read more ›
Protect your information Don't share personal details like your bank account or government-issued ID on suspicious websites or messengers. Read more ›
Report jobs that feel unsafe If you see a job that seems misleading, inappropriate or discriminatory, report it for going against our policies and we'll review it.

Share this job

Jobicy+ Subscription

Jobicy

614 professionals pay to access exclusive and experimental features on Jobicy

Free

USD $0/month

For people just getting started

  • • Unlimited applies and searches
  • • Access on web and mobile apps
  • • Weekly job alerts
  • • Access to additional tools like Bookmarks, Applications, and more

Plus

USD $8/month

Everything in Free, and:

  • • Ad-free experience
  • • Daily job alerts
  • • Personal career consultant
  • • AI-powered job advice
Go to account ›