Vacancy expired!
About the Team
You'll be joining our Data Protection Product Group, whose mission is to build a unified data security system which enables customers to identify and investigate insider threats, identify access to and movement of sensitive data, and ensure regulatory compliance by mitigating data loss risk.
About the Role
CrowdStrike Falcon Host is a two-component security product. One component is a "sensor": a driver installed on client machines that observes system activity and recognizes malicious behavior, then provides on-box prevention capability and remote telemetry to the Falcon Host cloud. The sensor processes thousands of events per second to provide deep visibility into operations on the endpoint, and performs rich correlation and computation to identify malicious events and blocks malicious activity.
The cloud component aggregates sensor telemetry for each customer's network, correlates malicious behavior across multiple machines, and presents our customers' operations teams with a prioritized summary of the threats detected in their environments.
This is a Windows Kernel Developer role in the engineering team that delivers data protection-focused functionality in the sensor (lightweight agent) on Windows. Engineers in the team own the design and development of core features on the platform. Kernel-centric data protection-focused functionality centers around the Windows filesystem minifilter stack and associated interactions with concrete local and remote filesystems. The team operates under the Agile development principles and ships frequently.
Responsibilities: