Senior Kernel Software Developer
ThreatLocker - Orlando, Florida, us, 32885
Overview
ThreatLocker® is a leader in endpoint protection technologies, providing enterprise-level cybersecurity tools to improve the security of servers and endpoints. The ThreatLocker® platform, with its Application Allowlisting, Ringfencing™, Storage Control, Elevation Control, Endpoint Network Control, Configuration Management, and Operational Alert solutions, is leading the cybersecurity market toward a more secure approach to blocking the exploits of application vulnerabilities.
POSITION OVERVIEW
We are seeking a Windows Kernel Driver Engineer with extensive experience in filter driver development and Windows system internals to join our cybersecurity product team. In this role, you will build and maintain critical kernel-mode components that power next-generation threat detection, prevention, and response capabilities on Windows systems.
JOB SCOPE
The Kernel Developer will be responsible for, but not limited to:
- Design and develop kernel-mode filter drivers (file system minifilter, registry filter, network filter, etc.) to support security monitoring and enforcement.
- Investigate and reverse-engineer Windows internals to implement low-level security features and bypass-resistant protections.
- Collaborate with the threat research, detection, and user-mode engineering teams to develop scalable and stealthy security solutions.
- Perform in-depth kernel debugging, crash dump analysis, and performance tuning using WinDbg, ETW, and related tools.
- Develop robust, secure, and maintainable driver code that meets Microsoft's signing and certification standards.
- Monitor Windows platform changes to ensure compatibility and stability across OS versions.
REQUIRED QUALIFICATIONS
- 5+ years of hands-on experience writing Windows kernel-mode drivers, particularly filter drivers.
- Expert knowledge of Windows system internals (memory management, I/O subsystem, object manager, etc.).
- Proficiency in C/C++, Windows Driver Kit (WDK), and kernel debugging tools.
- Experience in the cybersecurity domain, especially endpoint protection, EDR, anti-malware, or kernel-level monitoring.
- Solid understanding of code injection techniques, hooking, kernel-mode exploits, and mitigation strategies.
- Strong problem-solving skills and a security-first engineering mindset.
PREFERRED QUALIFICATIONS
- Experience with malware analysis, reverse engineering, or rootkit detection.
- Familiarity with Windows kernel threat models and secure coding practices.
- Exposure to Microsoft kernel-mode signing, WHQL, and driver submission processes.
- Contributions to the infosec community (research, publications, open-source projects, talks).
WORKING CONDITIONS
The duties described below are representative of those encountered while performing the essential functions of this position. If necessary, reasonable accommodation may be requested and will be evaluated for its relationship to the essential functions that must be performed.
The job will generally be performed in an office environment but may require travel to visit company offices and/or property locations. While performing the duties of this job, the employee is occasionally required to stand, walk, sit, reach with hands and arms, climb or balance, stoop or kneel, talk and hear, and use fingers and hands to feel objects and tools. Must occasionally lift and/or move up to 25 pounds. Specific vision abilities required include close vision, distance vision, depth perception, and the ability to adjust focus.