Windows Kernel Developers
black.ai - Georgia Center, Vermont, United States
Overview
Windows Kernel Developer to join our EDR/XDR Agent/Sensor Development Team. The ideal candidate will have expertise in Windows internals, kernel-mode driver development, and C/C++ programming. You will be responsible for building core components of our EDR/XDR agent/sensor that operate in both user-mode and kernel-mode, focusing on system monitoring, threat detection, and remediation.

What You’ll Do at Cyble:
- Collaborate with senior kernel developers to design, develop, and maintain Windows kernel-mode drivers for various EDR/XDR modules.
- Develop drivers for device management capabilities such as USB and Bluetooth controls.
- Create user-mode services that interface with kernel drivers for event processing and policy enforcement.
- Implement real-time remediation actions like process termination, quarantine, and system snapshot management.
- Debug and resolve BSODs, race conditions, memory leaks, and performance issues.
- Integrate with backend admin consoles using formats like JSON and Protobuf.
- Work with Threat Intelligence Systems and downstream components.
- Coordinate with cross-functional teams to translate detection use cases into scalable agent features.

What You’ll Need:
- Proficiency in C and C++, including multithreading and synchronization primitives.
- Deep understanding of Windows OS internals such as kernel objects, memory management, and I/O management.
- Experience developing WDM, KMDF, or Minifilter drivers.
- Knowledge of Windows security architecture, process and thread management, file system architecture, and Registry internals.
- Familiarity with monitoring frameworks and kernel hooks.
- Experience with ETW, Sysmon, and kernel telemetry pipelines.
- Experience implementing hooks for processes, libraries, file systems, registry, and device access controls.
- Ability to develop remediation components for various threats.
- Proficiency with debugging tools like WinDbg, Driver Verifier, and analyzing Blue Screen errors.
- Understanding endpoint security concepts, including EDR/XDR behaviors.

Cyble Offers:
- A dynamic, collaborative work environment.
- Opportunities for learning and career growth.
- Mentorship from experienced developers to enhance your skills.

Cyble considers an individual's skillset, experience, and location in salary decisions. All qualified applicants will receive consideration without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, veteran status, or genetics.

About Cyble:
Founded in 2019, Cyble is transforming cybersecurity intelligence globally, with offices in multiple countries. Our mission is to provide visibility, intelligence, and cybersecurity protection using advanced technology, making the digital world safer for all. We value innovation, inclusivity, and employee contributions, fostering a culture of continuous improvement.