Red Team Services Consultant (Remote, SGP)
As a global leader in cybersecurity, CrowdStrike protects the people, processes and technologies that drive modern organizations. Since 2011, our mission hasn't changed - we're here to stop breaches, and we've redefined modern security with the world's most advanced AI-native platform. Our customers span all industries, and they count on CrowdStrike to keep their businesses running, their communities safe and their lives moving forward. We're also a mission-driven company. We cultivate a culture that gives every CrowdStriker both the flexibility and autonomy to own their careers. We're always looking to add talented CrowdStrikers to the team who have limitless passion, a relentless focus on innovation and a fanatical commitment to our customers, our community and each other. Ready to join a mission that matters? The future of cybersecurity starts with you.
About the Role:
CrowdStrike is looking for a technically sharp, pragmatic offensive security practitioner to join our Red Team in the JAPAC region. This is a hands-on role for someone who enjoys finding ways into things and who keeps their eye on what that's actually for: helping organisations get better at defending themselves. Our Red Team handles the full spectrum of offensive security work, from targeted penetration tests to complex, multi-stage adversary emulation exercises, but we're not here to run up a score against the client's defenders. We're here to find the gaps that matter, explain them clearly, and make it possible to close them. That means working collaboratively and keeping the end goal in mind: a measurably stronger security posture. The work requires technical depth, but it also requires the kind of client credibility that comes from being someone who's clearly on their side.
What You'll Do:
- Execute and lead Red Team and penetration testing engagements across a range of scopes and environments, with a focus on findings that clients can act on.
- Work as both an operator and engagement manager: coordinating with clients, directing team members, and keeping stakeholders well-informed throughout the engagement.
- Develop high-quality reports that document attack paths, findings, and pragmatic remediation recommendations, written for both technical teams and senior leadership.
- Contribute to the team's capability through tool development, research, and methodology improvements.
- Collaborate across CrowdStrike Services functions, working alongside our own "Blue" teams to help translate offensive findings into concrete defensive improvements.
- Present technical material clearly to non-technical and technical audiences, including senior executives.
Offensive Operations
- Demonstrated experience conducting Red Team and penetration testing engagements, with the ability to plan and drive assessments from end to end.
- Advanced proficiency with common offensive tooling, including C2 frameworks, and a solid understanding of why the tools work, not just how to run them.
- Strong tradecraft: familiarity with OPSEC considerations, detection avoidance, and the ability to adapt TTPs to the target environment.
- Advanced experience attacking Active Directory environments: privilege escalation, lateral movement, persistence, and credential abuse.
- Extensive knowledge of attacks against at least one of Windows, Linux, or macOS, with working familiarity across the others.
- Experience attacking AWS and Azure environments, including identity and access, compute, storage, and network attack paths.
- Familiarity with how cloud misconfigurations chain together into exploitable scenarios, not just as isolated findings.
- Experience developing offensive tooling or automating assessment tasks, whether building new capabilities or extending existing frameworks.
- Comfortable writing code that makes the team faster and more effective.
- Experience using AI tooling to sharpen and accelerate work (code generation, research, automation, documentation) is a strong advantage.
- Strong written and verbal communication in English. You can write a report finding that prompts a CISO to act and brief an engineer on an attack path without losing either audience.
- Comfortable presenting to senior stakeholders and managing client relationships directly throughout an engagement.
- The JAPAC region spans markets with very different expectations around communication style, hierarchy, and directness. Working effectively across that range is a real part of the job, not an afterthought.
- Additional language proficiency is an advantage, particularly Mandarin, Japanese, Hindi, or Thai.
Demonstrated capability matters more to us than a specific career path or credential set. We're interested in practitioners who have built real offensive depth and who approach the work with the goal of improving things for our customers.The depth could come from dedicated red team roles, a background in sysadmin or development that drifted toward security research, or something else entirely. The path matters less than whether the skills hold up under scrutiny and the approach is the right one. Offensive security certifications are a useful signal of hands-on capability. Credentials like OSCP, OSEP, OSED, OSCE3, GPEN, GXPN, CRTP, CRTO, CRT, and CCT-INF are all relevant. Broad governance and management certifications are not a focus for this role.
Bonus Points:
- Security community participation (conference talks, CVEs, published research, tool releases, blogging) is well regarded.
- Advanced experience attacking networking components: routers, switches, firewalls, and wireless infrastructure.
- Experience with hardware, embedded systems, physical security assessments, or OT/ICS environments.
You're not actually the adversary here - you're a trusted partner who thinks like one. The best engagements are collaborative, the findings have real follow-through, and the measure of a good assessment is whether the client ends up more defensible, not whether the red team "won." If that's how you think about this work, you'll fit in well.
The engagements are technically demanding, the clients are high-profile, and the region is varied enough in industry, environment, and security maturity that the work stays interesting. You'll have room to build tooling, contribute to methodology, and do research that sharpens the whole team.
#LI-JC2
#LI-Remote
Benefits of Working at CrowdStrike:
- Market leader in compensation and equity awards
- Comprehensive physical and mental wellness programs
- Competitive vacation and holidays for recharge
- Paid parental and adoption leaves
- Professional development opportunities for all employees regardless of level or role
- Employee Networks, geographic neighborhood groups, and volunteer opportunities to build connections
- Vibrant office culture with world class amenities
- Great Place to Work Certified™ across the globe
CrowdStrike is committed to providing equal employment opportunity for all employees and applicants for employment. The Company does not discriminate in employment opportunities or practices on the basis of race, color, creed, ethnicity, religion, sex (including pregnancy or pregnancy-related medical conditions), sexual orientation, gender identity, marital or family status, veteran status, age, national origin, ancestry, physical disability (including HIV and AIDS), mental disability, medical condition, genetic information, membership or activity in a local human rights commission, status with regard to public assistance, or any other characteristic protected by law. We base all employment decisions--including recruitment, selection, training, compensation, benefits, discipline, promotions, transfers, lay-offs, return from lay-off, terminations and social/recreational programs--on valid job requirements.
If you need assistance accessing or reviewing the information on this website or need help submitting an application for employment or requesting an accommodation, please contact us at recruiting@crowdstrike.com for further assistance.