Red Team Services Consultant (Remote, SGP)

As a global leader in cybersecurity, CrowdStrike protects the people, processes and technologies that drive modern organizations. Since 2011, our mission hasn’t changed — we’re here to stop breaches, and we’ve redefined modern security with the world’s most advanced AI-native platform. Our customers span all industries, and they count on CrowdStrike to keep their businesses running, their communities safe and their lives moving forward. We’re also a mission-driven company. We cultivate a culture that gives every CrowdStriker both the flexibility and autonomy to own their careers. We’re always looking to add talented CrowdStrikers to the team who have limitless passion, a relentless focus on innovation and a fanatical commitment to our customers, our community and each other. Ready to join a mission that matters? The future of cybersecurity starts with you. About The Role: CrowdStrike is looking for a technically sharp, pragmatic offensive security practitioner to join our Red Team in the JAPAC region. This is a hands-on role for someone who enjoys finding ways into things and who keeps their eye on what that's actually for: helping organisations get better at defending themselves. Our Red Team handles the full spectrum of offensive security work, from targeted penetration tests to complex, multi-stage adversary emulation exercises, but we're not here to run up a score against the client's defenders. We're here to find the gaps that matter, explain them clearly, and make it possible to close them. That means working collaboratively and keeping the end goal in mind: a measurably stronger security posture. The work requires technical depth, but it also requires the kind of client credibility that comes from being someone who's clearly on their side. What You'll Do: • Execute and lead Red Team and penetration testing engagements across a range of scopes and environments, with a focus on findings that clients can act on. • Work as both an operator and engagement manager: coordinating with clients, directing team members, and keeping stakeholders well-informed throughout the engagement. • Develop high-quality reports that document attack paths, findings, and pragmatic remediation recommendations, written for both technical teams and senior leadership. • Contribute to the team's capability through tool development, research, and methodology improvements. • Collaborate across CrowdStrike Services functions, working alongside our own "Blue" teams to help translate offensive findings into concrete defensive improvements. • Present technical material clearly to non-technical and technical audiences, including senior executives. What You’ll Bring: Offensive Operations • Demonstrated experience conducting Red Team and penetration testing engagements, with the ability to plan and drive assessments from end to end. • Advanced proficiency with common offensive tooling, including C2 frameworks, and a solid understanding of why the tools work, not just how to run them. • Strong tradecraft: familiarity with OPSEC considerations, detection avoidance, and the ability to adapt TTPs to the target environment. Active Directory and Enterprise Infrastructure • Advanced experience attacking Active Directory environments: privilege escalation, lateral movement, persistence, and credential abuse. • Extensive knowledge of attacks against at least one of Windows, Linux, or macOS, with working familiarity across the others. Cloud • Experience attacking AWS and Azure environments, including identity and access, compute, storage, and network attack paths. • Familiarity with how cloud misconfigurations chain together into exploitable scenarios, not just as isolated findings. Tool Development and Automation • Experience developing offensive tooling or automating assessment tasks, whether building new capabilities or extending existing frameworks. • Comfortable writing code that makes the team faster and more effective. • Experience using AI tooling to sharpen and accelerate work (code generation, research, automation, documentation) is a strong advantage. Communication • Strong written and verbal communication in English. You can write a report finding that prompts a CISO to act and brief an engineer on an attack path without losing either audience. • Comfortable presenting to senior stakeholders and managing client relationships directly throughout an engagement. • The JAPAC region spans markets with very different expectations around communication style, hierarchy, and directness. Working effectively across that range is a real part of the job, not an afterthought. • Additional language proficiency is an advantage, particularly Mandarin, Japanese, Hindi, or Thai. Experience And Background: Demonstrated capability matters more to us than a specific career path or credential set. We're interested in practitioners who have built real offensive depth and who approach the work with the goal of improving things for our customers...