Core System Engineer ? Windows Agent Specialist

Job Description

About Cyber Periscope Cyber Periscope is building a world-class Extended Detection & Response (XDR) platform to redefine cybersecurity for enterprises, critical infrastructure, and cloud-first organizations. Our vision is to surpass industry leaders like CrowdStrike and Wiz by delivering next-gen telemetry collection, real-time detection, AI-driven response, and compliance automation at scale. Role Overview As a Windows Agent Specialist , you will architect and implement the Cyber Periscope agent for the Windows ecosystem. You will dive deep into Windows internals to capture process, registry, file system, and network telemetry with minimal system overhead. Your work will form the ?eyes and ears? of the Cyber Periscope platform, enabling reliable endpoint visibility at scale. Key Challenges Achieving high-fidelity telemetry with near-zero performance impact. Hardening agents against tampering, bypasses, and stealth techniques. Ensuring compatibility across legacy and modern Windows versions. Delivering secure OTA updates with WASM bundle execution. Responsibilities Develop high-performance agent modules for Windows endpoints (Win10/11, Server editions). Implement telemetry collection pipelines using ETW, Sysmon, and kernel drivers. Build watchdogs and anti-tamper features to ensure resilience against adversaries. Optimize performance for 10,000+ EPS per endpoint under real-world workloads. Collaborate with backend teams to standardize schemas for ingestion pipelines. Integrate OTA update mechanism with GPG-signed WASM bundles. Participate in threat modeling to validate resilience against advanced attacks. Required Qualifications Expert in C/C++/Rust programming with Windows internals knowledge. Deep expertise in ETW, MiniFilter drivers, NDIS, and kernel debugging. Experience with Sysinternals tools (ProcMon, WinDbg, Sysmon). Familiarity with endpoint security solutions (EDR/XDR, OSQuery, CarbonBlack). Strong understanding of memory forensics, process injection, DLL hijacking, etc. Preferred Qualifications Prior work developing commercial endpoint agents. Experience with sandboxing and WASM execution. Contributions to open-source security tools. What We Offer Chance to architect a next-gen global security platform. Opportunity to work on advanced kernel-level engineering. Growth path toward Principal Security Engineer / Agent Architect .