Sr. Engineer II

CrowdStrike's Sensor and Language Tooling (SaLT) team is hiring an engineer to work on malware detection and prevention pipelines on our Falcon sensor. The SaLT team is responsible for a variety of internal tools which enable other teams at CrowdStrike to write security detections. Among the team’s responsibilities are a custom compiler toolchain for our in-house, security-focused domain specific language (DSL), and also core functions of our security detections platform. The SaLT team works closely with a wide range of other teams at CrowdStrike, helping dedicated engineers across the globe solve hard problems.

This role is focused on the CrowdStrike Falcon sensor’s detection pipelines and improving the sensor’s programmability tools.  Our detection and prevention pipelines respond to system events, such as process creation and network traffic, on endpoints running the Falcon sensor.  These pipelines collate and filter security-relevant events and transmit them to CrowdStrike’s cloud.  Our programmability tools allow the sensor’s behavior to be configured dynamically to allow fast response times to threat actors.

CrowdStrike is a remote-first company with offices and developers worldwide. Remote candidates living in the US and Canada are encouraged to apply. Candidates from the UK, EU or Australia are also very welcome to apply, but should know that coordination with US-based teams will be necessary and flexible working hours will be required. For those that prefer office life, CrowdStrike has engineering offices in Irvine (CA), Kirkland (WA), Minneapolis (MN), Sunnyvale (CA), London (UK) and Crystal City (VA). Occasional travel (<10%) is required.

CrowdStrike is a computer security company, but we do not require candidates for this role to have prior security industry experience. We will mentor and train in security topics as needed. We do expect a strong interest in CrowdStrike's mission and a willingness to grow.

What You’ll Do:

• Understand, modify and assume shared ownership of complex and critical sensor event and data processing pipeline logic - for the purposes of expanding and maintaining the systems as well as guiding future direction.

• Gain expertise in core logic of the falcon sensor, becoming a resource for other developers within Crowdstrike who use our team’s tools.

• Communicate design, constraints, guarantees and other aspects of the system.

• Communicate and collaborate with other teams at Crowdstrike, including engineering  teams who use our tools; adversary response teams; malware researchers; product and program managers; and others.

• Write code in a variety of languages, including internally developed, non-imperative domain-specific languages.  (Much, but not all, of the work we need will be written in the in house language for which our team owns the compiler.  This language is highly asynchronous and used to write responses to system events such as process creation and network traffic.  System programming experience on one or more of macOS, Linux, and Windows is helpful.)

• Write unit, functional and integration tests

• Diagnose and resolve issues discovered by customers or other engineering teams

• Work with language and compiler developers at CrowdStrike to help set direction and prioritize feature development

What You’ll Need:

• Take responsibility for and ownership of their work.

• Design and implement performant, functionally-correct and well-structured logic.

• Can understand, maintain, and improve a large existing codebase.

• Can reason about, describe and communicate the nature of complex, highly-concurrent systems.

• Can reason about how our endpoint interacts with our cloud, and communicate with cloud development teams for both design and troubleshooting.

• This is not primarily a C++ position (most work will be in either Python or our in-house security focused DSL), but the core runtime you will work with is in C++.  Ability to read this is critical, and you will probably touch it occasionally.

• Communicate, collaborate, and work effectively in a distributed team (across timezones and continents, and with a variety of subject matter expertise).

Bonus Points: 

• Fluency in writing Python

• Endpoint security background

• Experience designing or writing virtual machine runtimes

#LI-JC1

#LI-OC1

#LI-Remote

CrowdStrike is committed to providing equal employment opportunity for all employees and applicants for employment. The Company does not discriminate in employment opportunities or practices on the basis of race, color, creed, ethnicity, religion, sex (including pregnancy or pregnancy-related medical conditions), sexual orientation, gender identity, marital or family status, veteran status, age, national origin, ancestry, physical disability (including HIV and AIDS), mental disability, medical condition, genetic information, membership or activity in a local human rights commission, status with regard to public assistance, or any other characteristic protected by law. We base all employment decisions--including recruitment, selection, training, compensation, benefits, discipline, promotions, transfers, lay-offs, return from lay-off, terminations and social/recreational programs--on valid job requirements.

If you need assistance accessing or reviewing the information on this website or need help submitting an application for employment or requesting an accommodation, please contact us at [email protected] for further assistance.

Find out more about your rights as an applicant.

CrowdStrike participates in the E-Verify program.

Notice of E-Verify Participation