Remote - C++ Senior Windows Internals Engineer

Job Title: Senior Windows Internals EngineerLocation: Japan / RemoteAbout the RoleA global cybersecurity leader is seeking a Senior Windows Internals Engineer to driving the development of the core technology behind Cybereason’s Windows agent. In this role, you will design and implement low-level Windows components leading threat detection and response platform.You will collaborate closely with security researchers, platform engineers, and product teams to deliver high-performance, reliable, and stealthy endpoint capabilities. This position requires deep expertise in Windows OS internals, strong C++ skills, and a passion for building secure, impactful software.Key ResponsibilitiesDesign and develop low-level Windows components for the endpoint sensor, emphasizing performance, stability, and stealth.Develop and maintain kernel drivers and user-mode services for collecting and filtering endpoint telemetry.Implement monitoring mechanisms for processes, threads, registry, file systems, and network events.Diagnose and resolve complex kernel-mode and user-mode issues across various Windows versions.Partner with security researchers to translate threat intelligence into actionable product features.Conduct code reviews, mentor junior engineers, and contribute to system architecture decisions.Stay up to date with Windows internals, cybersecurity trends, and advanced system programming practices.Required Qualifications5+ years of C++ (C++11 or later) development experience.Deep knowledge of Windows internals, including kernel architecture, memory management, and system calls.Proven experience in kernel-mode development (e.g., WFP, minifilters, ETW).Strong debugging and reverse engineering skills (WinDbg, Process Monitor, IDA/Ghidra).Familiarity with Windows security mechanisms: UAC, integrity levels, AppLocker, Secure Boot.Proficiency with Visual Studio and Windows Driver Kit (WDK) development environments.Preferred QualificationsPrior experience building endpoint security products (EDR, AV, EPP, etc.).Knowledge of Windows telemetry, event logs, Sysmon, and ETW tracing.Exposure to malware analysis, Windows exploitation techniques, or DFIR workflows.Scripting experience in PowerShell or Python for automation/testing.Understanding of kernel-mode evasion techniques and defensive strategies.Experience with code signing, driver deployment, and secure update pipelines.Bachelor’s degree in Computer Science, Software Engineering, or equivalent experience.What We OfferCompetitive salary and comprehensive benefits package.Flexible working hours and remote work options.Continuous learning opportunities and professional development support.A collaborative, innovative, and mission-driven culture focused on defeating cyber threats.