Overview

We’re looking for a Senior Windows Drivers Engineer to join our Endpoint team and help build and enhance the core technology behind Cybereason’s Windows agent. In this role, you’ll design and implement low-level Windows components, including Windows kernel drivers and user-mode services, that power advanced threat detection and response capabilities. You’ll work closely with security researchers, sensor developers, and platform engineers to ensure our agent is stable, stealthy, and performant across all supported environments.

This role demands strong C++ expertise, deep knowledge of Windows OS internals, KMDF (Kernel-Mode Driver Framework), and a passion for building secure, high-impact software.
Project Overview:

Responsibilities:
  • Design and develop low-level components for the Windows endpoint sensor, focusing on stability, performance, and stealth.
  • Build kernel-mode drivers and user-mode services that collect, filter, and analyze endpoint telemetry.
  • Implement robust techniques for process/thread monitoring, registry tracking, file system interception, and network event visibility.
  • Debug complex kernel-mode and user-mode issues across multiple Windows versions.
  • Collaborate with researchers and product teams to translate threat intelligence into product features.
  • Conduct code reviews, mentor engineers, and contribute to architectural decisions.
  • Stay current with Windows internals, security trends, and system programming best practices.
Required Qualifications:
  • 5+ years of hands-on experience in C++ development (C++11 or later).
  • In-depth understanding of Windows internals, including kernel architecture, system calls, memory management, and drivers.
  • Proven experience developing Windows kernel drivers using KMDF, Windows Filtering Platform (WFP), minifilters, and ETW.
  • Strong debugging and reverse engineering skills using tools such as WinDbg, Process Monitor, Process Explorer, IDA, or Ghidra.
  • Familiarity with Windows security mechanisms, including integrity levels, UAC, AppLocker, and Secure Boot.
  • Experience using Visual Studio, Windows Driver Kit (WDK), and related development environments.
Nice To Have:
  • Experience building or contributing to endpoint security products (EDR, AV, EPP, etc.).
  • Familiarity with Windows telemetry, Event Logs, Sysmon, and ETW tracing.
  • Experience with malware analysis, Windows exploitation techniques, or SOC/DFIR workflows.
  • Experience in the cybersecurity domain is a plus.
  • Scripting skills in PowerShell or Python for automation and testing.
  • Understanding of kernel-mode security evasion techniques and defensive mechanisms.
  • Experience with code signing, driver deployment, and secure update mechanisms.
  • Bachelor's degree in Computer Science, Software Engineering, or equivalent practical experience.
Note:

✨ Our intelligent job search engine discovered this job and republished it for your convenience.
Please be aware that the job information may be incorrect or incomplete. The job announcement remains the property of its original publisher. To view the original job and its full details, please visit the job's URL on the owner’s page.

Please clearly mention that you have heard of this job opportunity on https://ijob.am.