Dear CrowdStrike Talent Acquisition team,
I would like to apply for the Incident Response Engineer role you have posted on your careers page. My focus these past few years has been incident response, and I would be glad to bring that to your team.
Ahead of writing I read about CrowdStrike, and what stood out was your Falcon platform and the incident-response research your team keeps publishing on the latest intrusions. This looks like a strong time to join, and I would gladly put my incident response experience to work there.
Reading the posting, the three needs that stand out most are detection and triage, containment and eradication and forensics and post-incident reporting. Those decide whether an IR hire works out, and I have real results behind each.
On detection and triage, my daily tools are SIEM, EDR and alert triage. As an Incident Response Engineer at Secureworks, I handled triaging security alerts and running point on live incidents around the clock. Beyond that, I wrote the triage runbook the on-call team follows now.
For containment and eradication, I rely on containment, isolation and eradication. During my time as an Incident Response Engineer at Secureworks, I took on containing a ransomware outbreak before it spread past a handful of hosts.
On forensics and post-incident reporting, I bring disk and memory forensics, timelines and reporting. Working as an Incident Response Engineer at Secureworks, I owned rebuilding the post-incident report so leadership could act on it fast. Beyond that, I cut mean time to contain on critical incidents from hours to minutes.
I would be glad to walk through this in an interview and show why I fit. I am ready to be first on the scene when something breaks and drive it to a clean recovery, and to grow with the team.
I would be glad to find a time to talk.
Yours sincerely,
Theo Script
theo.script@gmail.com