Sr. Software Engineer, Sensor - Anti-Tampering/SSP (Hybrid)

CrowdStrike Holdings, Inc.$140K — $215K *
Information Technology
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • Deep systems programming expertise on at least one major platform (Windows, macOS, or Linux) relevant to security protection
  • Ability to think adversarially and anticipate attacks against security agents
  • Strong skills in C/C++ with experience in large codebases
  • Expertise in design solutions that maintain both security and system stability
  • Effective communication regarding security properties of complex systems
  • Experience shipping security-critical software with a focus on correctness and reliability
  • Successful collaboration in a distributed, cross-timezone team environment

Responsibilities

  • Design and implement sensor anti-tampering capabilities
  • Collaborate with internal teams to combat emerging anti-EDR tactics
  • Partner with threat analysts to develop mitigations for adversary techniques
  • Assess and identify gaps in tamper-resistance on your primary platform
  • Contribute to a cross-platform anti-tampering architecture
  • Write code in C/C++ and internal domain-specific languages
  • Develop and run tests, including adversarial test cases
  • Engage in security design reviews for new features and assess tamper-resistance

Benefits

  • Market leader in compensation and equity awards
  • Comprehensive wellness programs for physical and mental health
  • Competitive vacation time and holidays
  • Paid parental and adoption leave
  • Opportunities for professional development
  • Employee Networks and volunteer opportunities
  • Vibrant office culture with world-class amenities
  • Recognition as a Great Place to Work Certified™ organization worldwide
Full Job Description
About the Role:
CrowdStrike's Sensor Security Platform (SSP) team is building up a dedicated Sensor Anti-Tampering engineering team to protect the Falcon sensor against adversary subversion. The Falcon sensor runs on millions of endpoints - and is a high-value target for sophisticated threat actors who seek to disable, evade, or degrade endpoint protection as a precursor to their attacks.

This role exists at the intersection of offense and defense: you will think like an adversary to protect one of the world's most widely deployed security agents. You will design and implement tamper-resistance, tamper-detection, and tamper-response capabilities that ensure the Falcon sensor remains operational and trustworthy - even when an attacker has elevated privileges on the endpoint.

The Anti-Tampering domain spans all major OS platforms: Windows, macOS, Linux. While no single engineer is expected to be expert across all platforms, you will bring deep OS and systems expertise on at least one, and develop cross-platform perspective as part of the team.

What You'll Do:
  • Design, implement and own sensor anti-tampering capabilities - including tamper prevention, tamper detection, and tamper response mechanisms
  • Collaborate with CrowdStrike's adversary intelligence, red team, and product security groups to stay ahead of emerging anti-EDR tradecraft
  • Partner with our threat analysts to understand adversary techniques targeting EDR agents (e.g. unhooking, driver manipulation, process termination, credential abuse, policy subversion) and develop mitigations against them
  • Reason about and enumerate the sensor's attack surface on your platform(s) of expertise, identifying gaps in tamper-resistance coverage
  • Contribute to cross-platform anti-tampering architecture - ensuring consistency of guarantees while respecting platform-specific realities
  • Write code in C/C++ and in CrowdStrike's internal domain-specific languages (you will be trained in the DSL; it is event-driven, asynchronous, and used extensively in the sensor's detection and response logic)
  • Write unit, functional and integration tests - including adversarial test cases that simulate tamper attempts
  • Participate in security design reviews for new sensor features, advising on tamper-resistance implications
  • Diagnose and respond to production escalations related to sensor tampering - including ProdSec and customer-reported issues


What You'll Need:
  • Deep systems programming expertise on at least one major platform (Windows, macOS, or Linux) - particularly in areas relevant to security agent protection: kernel interfaces, driver frameworks, process/memory protection, system service architecture
  • Ability to reason adversarially: understand how an attacker with local admin or root privileges would attempt to disable or evade a security agent, and design defenses accordingly
  • Strong C/C++ skills and comfort working in large, complex codebases
  • Ability to design and implement solutions that are both security-hardened and production-safe (anti-tampering must not compromise system stability)
  • Ability to reason about, describe, and communicate the security properties and assumptions of complex systems
  • Experience shipping security-critical software where correctness and reliability are non-negotiable
  • Ability to work effectively in a distributed, cross-timezone team with complex subject matter expertise
  • Proven experience utilizing AI technologies to enhance decision-making, streamline workflows and processes, improve efficiency and drive business outcomes.


Bonus Points:
  • Direct experience with anti-tampering, self-protection, or agent-hardening at another EDR/endpoint security company
  • Experience with Windows kernel development (minifilters, callbacks, protected processes, Secure Boot/ELAM, ETW)
  • Experience with macOS system extensions, endpoint security framework, or kext development
  • Experience with Linux security modules, eBPF, or kernel module development
  • Reverse engineering or vulnerability research background
  • Red team or offensive security experience (understanding attacker tooling that targets EDR)
  • Familiarity with hypervisor-level security or ESXi agent architecture


#LI-CW1

Benefits of Working at CrowdStrike:
  • Market leader in compensation and equity awards
  • Comprehensive physical and mental wellness programs
  • Competitive vacation and holidays for recharge
  • Paid parental and adoption leaves
  • Professional development opportunities for all employees regardless of level or role
  • Employee Networks, geographic neighborhood groups, and volunteer opportunities to build connections
  • Vibrant office culture with world class amenities
  • Great Place to Work Certified™ across the globe


CrowdStrike, Inc. is committed to fair and equitable compensation practices. Placement within the pay range is dependent on a variety of factors including, but not limited to, relevant work experience, skills, certifications, job level, supervisory status, and location. The base salary range for this position for all U.S. candidates is $140,000 - $215,000 per year, with eligibility for bonuses, equity grants and a comprehensive benefits package that includes health insurance, 401k and paid time off.

For detailed information about the U.S. benefits package, please click here.

About CrowdStrike Holdings, Inc.

CrowdStrike Holdings, Inc. Careers

Joining CrowdStrike Holdings, Inc. presents an unparalleled opportunity to advance a career in the tech industry with a company at the forefront of digital security. As a leader in cybersecurity solutions, CrowdStrike Holdings, Inc. offers a range of job opportunities that cater to a variety of skills and experiences, from entry-level positions to senior leadership roles.

Explore Job Opportunities

CrowdStrike Holdings, Inc. is continuously seeking talented individuals who are passionate about protecting organizations against cyber threats. With a commitment to innovation and excellence, the company is hiring professionals who are eager to contribute to a team that values hard work and creative solutions.

Innovation and Professional Growth

At CrowdStrike Holdings, Inc., employees are encouraged to push the boundaries of technology and leadership. The company supports professional growth through robust training programs, including leadership development and diversity training, ensuring that every team member has the resources to thrive in their career.

Culture and Benefits

The culture at CrowdStrike Holdings, Inc. is dynamic and inclusive, fostering a workplace where diversity is celebrated and every voice is heard. Employees enjoy comprehensive benefits that support both their professional and personal lives, enhancing job satisfaction and team morale.

Internship Programs

For those starting their career, CrowdStrike Holdings, Inc. offers internship programs that provide a rich learning environment. Interns gain hands-on experience, working alongside seasoned professionals and participating in projects that deliver real-world solutions.

Networking and Career Advancement

CrowdStrike Holdings, Inc. emphasizes the importance of networking within the industry, offering numerous opportunities for employees to connect with thought leaders and innovators. These connections can lead to career advancement and a deeper understanding of the cybersecurity landscape.

Applying for a Position

To apply for a position at CrowdStrike Holdings, Inc., candidates should prepare a resume that highlights relevant experience and skills. The interview process is designed to assess not only professional qualifications but also a candidate's fit within the company culture and team.

Stay Connected with CrowdStrike Careers

Interested candidates can stay informed about new openings and company news by subscribing to job alert emails. This personalized service ensures that potential applicants are the first to know about new opportunities that match their career interests and skills.

Join the Team

CrowdStrike Holdings, Inc. is looking for curious, creative, and solution-driven team players. Explore the employment opportunities on the CrowdStrike Holdings, Inc. careers page to find a position that matches your skills and passions.

SEARCH CROWDSTRIKE JOBS

Keep Up to Date

Stay ahead with career tips, insider perspectives, and industry-leading insights you can put to use today—all from the professionals who work at CrowdStrike Holdings, Inc.

READ CAREERS BLOG

Job Alert Emails

Customize your subscription to receive job alerts, latest news, and insider tips tailored to your preferences. Discover the exciting and rewarding career opportunities waiting at CrowdStrike Holdings, Inc.
Learn more about CrowdStrike Holdings, Inc.

Similar Jobs

More Jobs at CrowdStrike Holdings, Inc.

More Information Technology Jobs

Find similar Sr. Software Engineer, Sensor - Anti-Tampering/SSP (Hybrid) jobs: