|
Job Description: We are a lean, fast-paced organization where security is paramount, but engineering velocity is sacred. We are looking for a highly focused Threat Engineer to serve as the primary administrator for our enterprise CrowdStrike deployment, while simultaneously owning our external attack surface and threat intelligence operations. In this role, you will act as the critical bridge between external threat landscapes and our internal engineering and infrastructure teams. Your absolute top priority will be administering and tuning CrowdStrike Falcon to protect our endpoints. Additionally, you will operate our incoming threat intelligence, manage our corporate domain portfolio, and triage our crowdsourced bug bounty program. Your job is to identify, validate, and neutralize external threats, using external intelligence to directly harden our internal CrowdStrike policies.
Who you're committed to being:
A Self-Starter with Radical Ownership: You don't wait for a ticket to tell you something is wrong. You hold the authority to detect gaps and resolve them.
A Technical Translator: You can interpret a complex exploit payload or an unprocessed intelligence report and convert it into actionable requirements for a developer.
A Balanced Pragmatist: You understand that "secure" shouldn't mean "slow." You strive to integrate security into the engineering workflow rather than obstructing it.
A Diligent Gatekeeper: You hold external vendors and researchers to a high standard, ensuring that every pentest and bug bounty report adds genuine value to our security posture.
Analytically Rigorous: You enjoy the "hunt," whether it's tracking down a typosquatted domain or reproducing a sophisticated OWASP Top 10 vulnerability.
What you'll do:
Threat Intelligence & Brand Protection
Daily Triage & Monitoring: Monitor our enterprise Threat Intelligence Platform (TIP) for high-fidelity alerts, credential exposures, and active exploitation of our tech stack.
Landscape Analysis: Analyze curated intelligence reports for emerging threat actors targeting our industry sector, translating raw data into proactive technical defenses inside CrowdStrike and our network perimeter.
Domain & Brand Administration: Serve as the primary administrator for our Enterprise Domain Management platform. Manage all corporate domain registrations, renewals, and DNS security records (DMARC, DKIM, SPF). Actively monitor for typosquatting and initiate takedowns when malicious intent is confirmed.
CrowdStrike Administration & Endpoint Defense
Platform Management: Serve as the primary owner and administrator for our enterprise CrowdStrike Falcon deployment. Ensure comprehensive sensor coverage, monitor host health, and troubleshoot deployment issues across diverse operating systems (Windows, macOS, Linux).
Policy Tuning: Continuously refine CrowdStrike prevention policies, IOCs, and exclusions based on incoming threat intelligence. Balance aggressive threat prevention with engineering velocity, actively minimizing false positives and developer friction.
Vulnerability Validation & Bug Bounty
Bug Bounty Triage: Manage our crowdsourced vulnerability disclosure program. Act as the first line of defense to triage, reproduce, and validate exploit reports (e.g., complex OWASP Top 10 payloads) submitted by external security researchers.
Developer Remediation: Translate validated vulnerability reports into actionable, context-rich Jira tickets for engineering teams. Ensure remediation aligns with our internal SLAs and risk profile.
Incident Response & Operations
Incident Handling: Lead investigations for escalated threat intelligence and CrowdStrike endpoint security alerts. You will execute the formal SANS incident response process, including preparation, identification, containment, eradication, recovery, and lessons learned, for each critical alert.
On-Call Rotation: Participate in a scheduled, shared on-call rotation to provide off-hours triage and containment for high-severity security events.
Experience you'll bring:
Operational Autonomy: Works on problems of diverse scope where analysis of information requires evaluation of identifiable factors. Uses evaluation, judgment, and interpretation to select the right course of action. Work is done independently and is reviewed at critical points.
CrowdStrike Expertise: Deep, hands-on experience administering, tuning, and deploying CrowdStrike Falcon in an enterprise environment. You must know how to navigate the console, build custom IOAs, and utilize Falcon Insight (Real Time Response).
Incident Response: Proven experience participating in an incident response lifecycle, performing log analysis, and containing live threats in a cloud-native or hybrid environment.
Vulnerability Validation: Proven experience manually validating web application and cloud vulnerabilities to effectively triage bug bounty submissions.
Brand & Domain Management: Experience managing corporate domain portfolios, DNS configurations, and digital brand protection strategies.
Preferred certifications:
Endpoint & Response: CrowdStrike Certified Falcon Administrator (CCFA), CrowdStrike Certified Falcon Responder (CCFR), or GIAC Certified Incident Handler (GCIH);
Threat Intelligence & Defense: GIAC Cyber Threat Intelligence (GCTI), CompTIA Cybersecurity Analyst (CySA+/SecurityX);
Offensive Security & AppSec: GIAC Web Application Penetration Tester (GWAPT), Offensive Security Certified Professional (OSCP), or CompTIA PenTest+.
Requirements:
Requires 5+ years of related or equivalent experience within security operations, threat intelligence, or product security; or 3+ years with an advanced degree. Works on problems of diverse scope where analysis of information requires evaluation of identifiable factors. Devises solutions based on limited information and precedent and adapts existing approaches to resolve issues. Uses evaluation, judgment, and interpretation to select the right course of action. Work is done independently and is reviewed at critical points. Proven experience manually validating web application and cloud vulnerabilities. Ability to critically review third-party pentest reports to ensure vendor quality and accuracy. Strong organizational discipline to manage external testing vendors, audit contractor workflows, and drive cross-functional remediation efforts without requiring direct authority. Experience managing corporate domain portfolios, DNS configurations, and digital brand protection strategies. This is a remote role; however, applicants located within 45 miles of our Westlake/Dallas, TX office should expect to work on-site Tuesday through Thursday, with remote flexibility on Mondays and Fridays. This approach enables more effective collaboration, quicker decision-making, and a stronger culture, while still providing flexibility.
Why you'll love working here:
We work in a blended environment that supports collaboration, flexibility, and connection across teams. We are mission-driven, shaping the future of tech upskilling and delivering impact that matters. We foster a culture of inclusion and belonging, where everyone can contribute and thrive. We are always learning, creating an environment where you can take on new challenges, expand your skills, and grow with purpose. Benefits include competitive compensation, bonus eligibility, comprehensive medical coverage, unlimited PTO, wellness reimbursement, professional development funds, and more.
About us: Pluralsight provides the only learning platform dedicated to accelerating the technology skills and capabilities of today's tech workforce. Thousands of companies, government organizations and individuals around the world rely on Pluralsight to support critical technology skill development in areas that are crucial to innovation including artificial intelligence, cloud computing, cybersecurity, software development, and machine learning. We offer highly curated content developed by vetted technology experts, industry-leading skill assessments, and hands-on, immersive learning experiences designed to help individuals skill-up faster.
Physical Requirements: This role is primarily performed in an office or home office setting and involves standard computer-based work.
EEOC & Accommodations Statement: Bring yourself. Pluralsight is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, age, or veteran status. We also consider qualified applicants with criminal histories, consistent with EEOC guidelines and local laws. If you need an accommodation to apply, interview, or perform essential job functions, please visit the bottom of our website to learn how to request an accommodation. Learn more about our commitment to diversity, equity, inclusion, and belonging in our DEIB Report.
Pay Transparency: The annual US base salary range for this role is $106,400 - $140,000 USD. Actual compensation will depend on location, skills, experience, and other factors. Additional benefits and bonuses may apply. Applications must be submitted within 90 days after the initial posting date to be considered.
Recruiting Scam Notice: Please be aware of recruiting scams. We'll only contact you from an @pluralsight.com email or verified channels. We never ask for sensitive personal info or payments as part of the hiring process.
All openings are posted on our Careers page.
|