Senior Windows Internals Engineer

at Cybereason
  • Remote - Japan

Remote

Software Development

Senior

Job description

About the Role:

We’re looking for a Senior Windows Internals Engineer to join our Endpoint team and help build the core technology behind Cybereason’s Windows agent. In this role, you’ll design and implement low-level Windows components, including kernel drivers and user-mode services, that power advanced threat detection and response capabilities. You’ll work closely with security researchers, sensor developers, and platform engineers to ensure our agent is stable, stealthy, and performant across all supported environments.

This role demands strong C++ expertise, deep knowledge of Windows OS internals, and a passion for building secure, high-impact software.

Key Responsibilities:

  • Design and develop low-level components for the Windows endpoint sensor, focusing on stability, performance, and stealth

  • Build drivers and user-mode services that collect, filter, and analyze endpoint telemetry

  • Implement robust techniques for process/thread monitoring, registry tracking, file system interception, and network event visibility

  • Debug complex kernel-mode and user-mode issues across Windows versions

  • Collaborate with researchers and product teams to translate threat intelligence into product features

  • Conduct code reviews, mentor engineers, and contribute to architecture decisions

  • Stay current with Windows internals, security trends, and system programming practices

Required Qualifications:

  • 5+ years of hands-on experience in C++ development (C++11 or later)

  • In-depth understanding of Windows internals: kernel architecture, system calls, memory management, drivers

  • Proven experience in kernel-mode development (e.g., Windows Drivers, Windows Filtering Platform, minifilters, ETW)

  • Strong debugging and reverse engineering skills (WinDbg, Process Monitor, Process Explorer, IDA/Ghidra)

  • Familiarity with Windows security mechanisms: integrity levels, UAC, AppLocker, and secure boot

  • Experience using Visual Studio, Windows Driver Kit (WDK), and related build/debug environments

Preferred Qualifications:

  • Experience building or contributing to endpoint security products (EDR, AV, EPP, etc.)

  • Familiarity with Windows telemetry, event logs, Sysmon, and ETW tracing

  • Experience with malware analysis, Windows exploit techniques, or SOC/DFIR workflows

  • Scripting capabilities in PowerShell or Python for automation and testing

  • Understanding of kernel-mode security evasion techniques and defenses

  • Background in code signing, driver deployment, and secure update mechanisms

  • Bachelor’s degree in Computer Science, Software Engineering, or equivalent experience

What We Offer:

  • Competitive salary and comprehensive benefits package

  • Flexible working hours with remote work options

  • Opportunities for professional growth and continuous learning

  • A collaborative and innovative team culture

#LI-Remote

More About Cybereason:

Our culture and how we operate reflects in our shared values. Our #Defenders are individuals with diverse skill sets and backgrounds who are driven to innovate and scale with our growing organization. We are a team that strives to learn from each other, solve challenging problems, and work collaboratively toward our goal of reversing the adversary advantage.

Core Values:

  • Win As One: The power of an individual is less than the power of a team.
  • Ever Evolving: Change keeps us at the forefront, so we encourage it.
  • Daring: To achieve the impossible, we must dare to be different.
  • Obsessed with Customers: We believe gaining our customers’ trust is the most important part of what we do.
  • Never Give Up: We are tenacious and resilient, and we never stop.
  • UbU: We believe people can only unlock their full potential when they work somewhere that accepts who they are.

If these values resonate with you and our vision excites you, join us today and help us end cyber attacks from the endpoint to everywhere! #Defenders

Don’t meet every single requirement? Studies have shown that women and people of color are less likely to apply to jobs unless they meet every single qualification. At Cybereason we are dedicated to building a diverse, inclusive, and authentic workplace (#uBu), so if you’re excited about this role but your past experience doesn’t align perfectly with every qualification in the job description, we encourage you to apply anyways. You may be just the right candidate for this or other roles.

Share this job:
Please let Cybereason know you found this job on Remote First Jobs 🙏

Similar Remote Jobs

Cybereason logo

Cybereason

  • 1001-5000 employees
  • Founded in 2012
  • 11 remote jobs

Latest Jobs at Cybereason

Benefits of using Remote First Jobs

Discover Hidden Jobs

Unique jobs you won't find on other job boards.

Advanced Filters

Filter by category, benefits, seniority, and more.

Priority Job Alerts

Get timely alerts for new job openings every day.

Manage Your Job Hunt

Save jobs you like and keep a simple list of your applications.

Search remote, work from home, 100% online jobs

We help you connect with top remote-first companies.

Search jobs

Hiring remote talent? Post a job

Frequently Asked Questions

What makes Remote First Jobs different from other job boards?

Unlike other job boards that only show jobs from companies that pay to post, we actively scan over 20,000 companies to find remote positions. This means you get access to thousands more jobs, including ones from companies that don't typically post on traditional job boards. Our platform is dedicated to fully remote positions, focusing on companies that have adopted remote work as their standard practice.

How often are new jobs added?

New jobs are constantly being added as our system checks company websites every day. We process thousands of jobs daily to ensure you have access to the most up-to-date remote job listings. Our algorithms scan over 20,000 different sources daily, adding jobs to the board the moment they appear.

Can I trust the job listings on Remote First Jobs?

Yes! We verify all job listings and companies to ensure they're legitimate. Our system automatically filters out spam, junk, and fake jobs to ensure you only see real remote opportunities.

Can I suggest companies to be added to your search?

Yes! We're always looking to expand our listings and appreciate suggestions from our community. If you know of companies offering remote positions that should be included in our search, please let us know. We actively work to increase our coverage of remote job opportunities.

How do I apply for jobs?

When you find a job you're interested in, simply click the 'Apply Now' button on the job listing. This will take you directly to the company's application page. We kindly ask you to mention that you found the position through Remote First Jobs when applying, as it helps us grow and improve our service 🙏

Apply now