About CrowdStrike

CrowdStrike stands as a global leader in cybersecurity, safeguarding the people, processes, and technologies powering modern organizations. Since 2011, our unwavering mission has been to stop breaches using the world's most advanced AI-native platform, the CrowdStrike Falcon platform. We process nearly 3 trillion events daily across large-scale distributed systems, serving customers in every major industry. Our remote-first culture empowers CrowdStrikers with flexibility and autonomy to own their careers while fostering innovation and customer obsession. As a Great Place to Work Certified™ company, we cultivate belonging and equal opportunity for all.

Role Overview

The Sr. Detections Engineer (Hybrid, ISR) role in Tel Aviv, Israel, places you at the forefront of cloud security innovation within CrowdStrike's Cloud Content Research team. This team stops real-world adversaries targeting cloud infrastructure by translating frontline intelligence from Threat Intelligence, OverWatch, and Incident Response into cutting-edge detection capabilities. You'll leverage deep cloud expertise to create advanced content that protects enterprise-scale environments across AWS, Azure, GCP, and more, driving the future of cybersecurity with the Falcon platform.

Key Responsibilities

In this senior role, you'll research and develop detection content for sophisticated cloud-native attacks, including identity threats, data exfiltration, and privilege escalation. Design correlation logic bridging runtime events and control plane activities, implementing detections in multi-cloud and hybrid setups. Collaborate closely with cross-functional teams to operationalize real adversary tactics observed in the wild, while partnering with Product and Engineering to evolve detection technologies. Your work directly enhances Falcon's ability to preempt breaches at scale.

Daily Impact

Expect to analyze massive security datasets, innovate on emerging attack techniques, and balance strategic research with rapid response, ensuring CrowdStrike remains ahead of evolving threats.

Qualifications & Requirements

What You'll Need: A strong foundation in detection engineering or cloud security operations, paired with deep knowledge of cloud architectures and security models. Extensive hands-on experience crafting detection content for cloud environments and analyzing large-scale datasets is essential. Bring strong analytical problem-solving, plus excellent collaboration and communication skills to thrive in our dynamic teams.

Desired Experience

Stand out with expertise in major providers like AWS, Azure, GCP, OCI; SIEM platforms and query languages (LogScale advantage); Linux and Kubernetes security; threat research or incident response; MITRE ATT&CK for Cloud; and a proven track record improving detection efficacy at scale. Experience with cloud-native attacks and cross-team security projects sets top candidates apart.

Benefits & Perks

CrowdStrike offers market-leading compensation with equity awards, comprehensive wellness programs for physical and mental health, generous vacation, holidays, paid parental leaves, and professional development for every role. Build connections through Employee Networks, volunteer opportunities, and vibrant hybrid offices with world-class amenities. We're committed to veterans and individuals with disabilities via affirmative action.

Career Growth

Our remote-first culture provides limitless passion-driven growth. Join a mission-driven team where autonomy fuels innovation. Access tailored development programs, cross-team projects, and exposure to cutting-edge Falcon enhancements, propelling your cybersecurity career forward.

Why Join CrowdStrike

Be part of redefining security with the Falcon platform's AI-native power. Work on trillion-event-scale systems, collaborate with elite teams, and protect global enterprises from breaches. In Tel Aviv's hybrid ISR environment, enjoy premium perks, equity upside, and a culture valuing innovation, community, and customer success. The future of cybersecurity starts with you—stop breaches where they begin.

Role FAQs

Is this role hybrid or remote?

Hybrid in Tel Aviv, Israel, aligning with our flexible remote-first culture.

What cloud platforms are focused?

Major providers including AWS, Azure, GCP, OCI, with multi-cloud emphasis.

Do I need threat research experience?

Desired but not required; strong detection engineering background suffices.

What's the team structure?

Cloud Content Research, partnering with Threat Intel, OverWatch, IR, Product, and Engineering.

How does Falcon fit in?

Your detections power Falcon's cloud protection, processing massive daily events.