CrowdStrike Logo

CrowdStrike

Sr. Software Engineer, Sensor - Anti-Tampering/SSP (Hybrid)

Posted 38 Minutes Ago
Be an Early Applicant
Hybrid
Sunnyvale, CA
140K-215K Annually
Senior level
Hybrid
Sunnyvale, CA
140K-215K Annually
Senior level
Design and implement anti-tampering protections for the Falcon sensor across major OSes. Develop tamper-prevention, detection, and response mechanisms, collaborate with red team/threat intelligence, write secure C/C++ and DSL code, build adversarial tests, participate in security reviews, and respond to production tamper incidents.
The summary above was generated by AI

As a global leader in cybersecurity, CrowdStrike protects the people, processes and technologies that drive modern organizations. Since 2011, our mission hasn’t changed — we’re here to stop breaches, and we’ve redefined modern security with the world’s most advanced AI-native platform. We work on large scale distributed systems, processing almost 3 trillion events per day and this traffic is growing daily. Our customers span all industries, and they count on CrowdStrike to keep their businesses running, their communities safe and their lives moving forward. We're proud to work for a mission-driven company leveraging AI to transform the way we work. CrowdStrikers drive their careers through flexibility and autonomy while also being expected to contribute to a culture of responsible AI adoption, experimentation, and innovation. We use an AI-first mindset as a force multiplier to proactively and continuously accelerate execution, build expertise, uncover insights, and solve complex problems. We’re always looking to add talented CrowdStrikers to the team who have limitless passion, a relentless focus on innovation and a fanatical commitment to our customers, our community and each other. Ready to join a mission that matters? The future of cybersecurity starts with you.


About the Role:
CrowdStrike's Sensor Security Platform (SSP) team is building up a dedicated Sensor Anti-Tampering engineering team to protect the Falcon sensor against adversary subversion. The Falcon sensor runs on millions of endpoints — and is a high-value target for sophisticated threat actors who seek to disable, evade, or degrade endpoint protection as a precursor to their attacks.
This role exists at the intersection of offense and defense: you will think like an adversary to protect one of the world's most widely deployed security agents. You will design and implement tamper-resistance, tamper-detection, and tamper-response capabilities that ensure the Falcon sensor remains operational and trustworthy — even when an attacker has elevated privileges on the endpoint.
The Anti-Tampering domain spans all major OS platforms: Windows, macOS, Linux. While no single engineer is expected to be expert across all platforms, you will bring deep OS and systems expertise on at least one, and develop cross-platform perspective as part of the team.
What You'll Do:

  • Design, implement and own sensor anti-tampering capabilities — including tamper prevention, tamper detection, and tamper response mechanisms

  • Collaborate with CrowdStrike's adversary intelligence, red team, and product security groups to stay ahead of emerging anti-EDR tradecraft

  • Partner with our threat analysts to understand adversary techniques targeting EDR agents (e.g. unhooking, driver manipulation, process termination, credential abuse, policy subversion) and develop mitigations against them

  • Reason about and enumerate the sensor's attack surface on your platform(s) of expertise, identifying gaps in tamper-resistance coverage

  • Contribute to cross-platform anti-tampering architecture — ensuring consistency of guarantees while respecting platform-specific realities

  • Write code in C/C++ and in CrowdStrike's internal domain-specific languages (you will be trained in the DSL; it is event-driven, asynchronous, and used extensively in the sensor's detection and response logic)

  • Write unit, functional and integration tests — including adversarial test cases that simulate tamper attempts

  • Participate in security design reviews for new sensor features, advising on tamper-resistance implications

  • Diagnose and respond to production escalations related to sensor tampering — including ProdSec and customer-reported issues

What You'll Need:

  • Deep systems programming expertise on at least one major platform (Windows, macOS, or Linux) — particularly in areas relevant to security agent protection: kernel interfaces, driver frameworks, process/memory protection, system service architecture

  • Ability to reason adversarially: understand how an attacker with local admin or root privileges would attempt to disable or evade a security agent, and design defenses accordingly

  • Strong C/C++ skills and comfort working in large, complex codebases

  • Ability to design and implement solutions that are both security-hardened and production-safe (anti-tampering must not compromise system stability)

  • Ability to reason about, describe, and communicate the security properties and assumptions of complex systems

  • Experience shipping security-critical software where correctness and reliability are non-negotiable

  • Ability to work effectively in a distributed, cross-timezone team with complex subject matter expertise

  • Proven experience utilizing AI technologies to enhance decision-making, streamline workflows and processes, improve efficiency and drive business outcomes.

Bonus Points:

  • Direct experience with anti-tampering, self-protection, or agent-hardening at another EDR/endpoint security company

  • Experience with Windows kernel development (minifilters, callbacks, protected processes, Secure Boot/ELAM, ETW)

  • Experience with macOS system extensions, endpoint security framework, or kext development

  • Experience with Linux security modules, eBPF, or kernel module development

  • Reverse engineering or vulnerability research background

  • Red team or offensive security experience (understanding attacker tooling that targets EDR)

  • Familiarity with hypervisor-level security or ESXi agent architecture

#LI-CW1

Benefits of Working at CrowdStrike:

  • Market leader in compensation and equity awards

  • Comprehensive physical and mental wellness programs 

  • Competitive vacation and holidays for recharge  

  • Paid parental and adoption leaves

  • Professional development opportunities for all employees regardless of level or role

  • Employee Networks, geographic neighborhood groups, and volunteer opportunities to build connections

  • Vibrant office culture with world class amenities

  • Great Place to Work Certified™ across the globe

CrowdStrike is proud to be an equal opportunity employer. We are committed to fostering a culture of belonging where everyone is valued for who they are and empowered to succeed. We support veterans and individuals with disabilities through our affirmative action program.

CrowdStrike is committed to providing equal employment opportunity for all employees and applicants for employment. The Company does not discriminate in employment opportunities or practices on the basis of race, color, creed, ethnicity, religion, sex (including pregnancy or pregnancy-related medical conditions), sexual orientation, gender identity, marital or family status, veteran status, age, national origin, ancestry, physical disability (including HIV and AIDS), mental disability, medical condition, genetic information, membership or activity in a local human rights commission, status with regard to public assistance, or any other characteristic protected by law. We base all employment decisions--including recruitment, selection, training, compensation, benefits, discipline, promotions, transfers, lay-offs, return from lay-off, terminations and social/recreational programs--on valid job requirements.

If you need assistance accessing or reviewing the information on this website or need help submitting an application for employment or requesting an accommodation, please contact us at [email protected] for further assistance.

Find out more about your rights as an applicant.

CrowdStrike participates in the E-Verify program.

Notice of E-Verify Participation

Right to Work

CrowdStrike, Inc. is committed to fair and equitable compensation practices. Placement within the pay range is dependent on a variety of factors including, but not limited to, relevant work experience, skills, certifications, job level, supervisory status, and location. The base salary range for this position for all U.S. candidates is $140,000 - $215,000 per year, with eligibility for bonuses, equity grants and a comprehensive benefits package that includes health insurance, 401k and paid time off.

For detailed information about the U.S. benefits package, please click here

CrowdStrike Irvine, California, USA Office

Irvine, CA, United States

Similar Jobs at CrowdStrike

38 Minutes Ago
Remote or Hybrid
86K-135K Annually
Mid level
86K-135K Annually
Mid level
Cloud • Computer Vision • Information Technology • Sales • Security • Cybersecurity
Manage a team to operationalize global learning programs, coordinating logistics for virtual and in-person events, administering LMS and learning technologies, tracking participation metrics, managing internal communications and intranet content, and driving continuous improvement and AI-enabled learning initiatives.
Top Skills: Ai ToolsAi-Enabled Learning ToolsCrowdconnect IntranetDocebo LmsHr SystemsLearning Management System (Lms)Skillsoft Percipio
38 Minutes Ago
Hybrid
140K-215K Annually
Senior level
140K-215K Annually
Senior level
Cloud • Computer Vision • Information Technology • Sales • Security • Cybersecurity
Design and build scalable backend services and data pipelines for CrowdStrikes Exposure Management platform. Implement microservices in Golang/Python, process high-volume data, perform risk calculations, integrate cloud infrastructure, ensure reliability and monitoring, mentor engineers, and drive architectural improvements and remediation automation.
Top Skills: AIAWSAzureGCPGoKafkaMachine LearningMicroservicesPostgresPythonRedisRest Apis
38 Minutes Ago
Hybrid
140K-215K Annually
Senior level
140K-215K Annually
Senior level
Cloud • Computer Vision • Information Technology • Sales • Security • Cybersecurity
Architect and build a scalable risk intelligence platform: design backend Golang microservices, ingest high-volume data, run complex risk calculations, enable remediation automation, design infrastructure and pipelines, ensure reliability and monitoring, collaborate cross-functionally, and mentor engineers.
Top Skills: AIAWSAzureCassandraCqlDockerElasticsearchGCPGoGraph DatabasesKafkaKubernetesMachine LearningPostgresPythonRedisRest Apis

What you need to know about the Los Angeles Tech Scene

Los Angeles is a global leader in entertainment, so it’s no surprise that many of the biggest players in streaming, digital media and game development call the city home. But the city boasts plenty of non-entertainment innovation as well, with tech companies spanning verticals like AI, fintech, e-commerce and biotech. With major universities like Caltech, UCLA, USC and the nearby UC Irvine, the city has a steady supply of top-flight tech and engineering talent — not counting the graduates flocking to Los Angeles from across the world to enjoy its beaches, culture and year-round temperate climate.

Key Facts About Los Angeles Tech

  • Number of Tech Workers: 375,800; 5.5% of overall workforce (2024 CompTIA survey)
  • Major Tech Employers: Snap, Netflix, SpaceX, Disney, Google
  • Key Industries: Artificial intelligence, adtech, media, software, game development
  • Funding Landscape: $11.6 billion in venture capital funding in 2024 (Pitchbook)
  • Notable Investors: Strong Ventures, Fifth Wall, Upfront Ventures, Mucker Capital, Kittyhawk Ventures
  • Research Centers and Universities: California Institute of Technology, UCLA, University of Southern California, UC Irvine, Pepperdine, California Institute for Immunology and Immunotherapy, Center for Quantum Science and Engineering

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account