Crowdstrike

Sr. MacOS Sensor Engineer (Remote)

United States

Compensation: Not Specified
Experience Level: Senior (5 to 8 years), Expert & Leadership (9+ years)
Job Type: Full Time
Visa: Unknown
Industries: Cybersecurity, Biotechnology

Job Title: macOS Detection Engineer

Employment Type: Full-time

Position Overview

CrowdStrike, a global leader in cybersecurity, protects the people, processes, and technologies that drive modern organizations. Our mission since 2011 has been to stop breaches, and we have redefined modern security with the world's most advanced AI-native platform. We work on large-scale distributed systems, processing almost 3 trillion events per day, with this traffic growing daily. Our customers span all industries, and they count on CrowdStrike to keep their businesses running, their communities safe, and their lives moving forward. We are a mission-driven company that cultivates a culture giving every CrowdStriker the flexibility and autonomy to own their careers. We are always looking to add talented CrowdStrikers to the team who have limitless passion, a relentless focus on innovation, and a fanatical commitment to our customers, our community, and each other. Ready to join a mission that matters? The future of cybersecurity starts with you.

About the Role

In this role, you will research and develop techniques for detecting malicious activity occurring on macOS systems. Once researched, you will develop them into production-level solutions for deployment in the endpoint sensor. The role is a split of research and implementation, working alongside a small and nimble group of macOS engineers and often leveraging shared code with other sensor platforms such as Windows and Linux.

Successful engineers in this role have:

  • An understanding of macOS kernel and user space.
  • A passion for continuous learning to keep up with an ever-changing threat landscape.
  • A creative mindset for designing new detection methods.
  • The discipline to write fast and reliable code.

What You'll Do

  • Design and build detection logic and systems leveraged across teams within CrowdStrike to detect cyber attackers and stop breaches.
  • Extend our existing codebase utilizing Swift, C++, Python, and other tools and DSLs (domain specific languages) as appropriate.
  • Research techniques for detecting malicious activity, including some reverse engineering and/or big data analysis.
  • Leverage your understanding of engineering best practices, including topics like secure coding, testing paradigms, debugging, performance, code reviews, CI/CD, and OS internals, to ensure that our sensor code is fast and reliable.
  • Responsively troubleshoot product issues reported by customers, and work on other projects as assigned.
  • Be an energetic ‘self-starter’ with the ability to take ownership and be accountable for deliverables, both individually and when leading a team.

What You'll Need

  • 5+ years of experience with either:
    • Reverse engineering, threat detection, and malware analysis; and an interest in on-device development.
    • Designing, building, and delivering high-quality software in at least one of the following: Swift, C/C++, Python, Objective-C; and an interest in security.
  • Low-level OS knowledge of macOS and/or Linux operating system internals, components, APIs, and/or frameworks.
  • Team player – able to lead, mentor, communicate, collaborate, and work effectively in a distributed team, to clearly articulate thoughts & designs to peers and upper management.

Bonus Points

  • Prior security experience, particularly in endpoint threat detections or sensor development.
  • Familiarity with the threat landscape on Linux/Windows is a plus.
  • Experience with macOS frameworks and events relevant to security, and familiarity with recent developments in macOS.
  • Experience developing 24/7 enterprise software, including CI, testing, debugging, performance tracing, release management, telemetry analysis, and issue handling.

Benefits of Working at CrowdStrike

  • Remote-friendly and flexible work culture.
  • Market leader in compensation and equity awards.
  • Comprehensive physical and mental wellness programs.
  • Competitive vacation and holidays for recharge.
  • Paid parental and adoption leaves.
  • Professional development opportunities.

Skills

macOS kernel
macOS user space
Swift
C++
Python
detection logic
endpoint sensor development
cybersecurity
AI-native platform

Crowdstrike

Cloud-native endpoint security solutions provider

About Crowdstrike

CrowdStrike specializes in cybersecurity, focusing on protecting businesses from cyber threats through cloud-native endpoint security solutions. Their main product, the Falcon platform, includes services like Falcon Pro, which replaces traditional antivirus with next-generation antivirus that integrates threat intelligence, Falcon Insight for endpoint detection and response, and Falcon Device Control to manage connected devices. Unlike many competitors, CrowdStrike's services are subscription-based, allowing clients to choose different levels of protection based on their needs. The company serves a diverse clientele, including many Fortune 100 companies, and is recognized as a leader in the cybersecurity field, known for its effectiveness in threat detection and response.

Headquarters: Austin, Texas
Year Founded: 2011
Total Funding: $468M
Company Stage: IPO
Industries: Enterprise Software, Cybersecurity
Employees: 5,001-10,000

Benefits

Competitive Employee Stock Purchase Plan
Remote-friendly culture
Market leader in compensation and equity awards
Competitive vacation and flexible working arrangements
Comprehensive health benefits + 401k plan
Paid Parental Leave, including adoption
Wellness programs
Professional development and mentorship opportunities
Open offices have stocked kitchens, coffee, soda and treats

Risks

Increased competition from companies like Lumos could challenge CrowdStrike's market share.
Recovery from last year's outage may still affect customer trust and future sales.
Pressure to demonstrate ROI by 2025 could challenge CrowdStrike's financial transparency.

Differentiation

CrowdStrike's Falcon platform offers cloud-native endpoint security solutions, a key differentiator.
The company serves 44 of the Fortune 100, showcasing its strong market presence.
CrowdStrike's proactive threat hunting sets it apart in cybersecurity threat detection.

Upsides

Partnership with SonicWall opens new SMB market segment for CrowdStrike.
Recognition as a leader in ransomware prevention boosts CrowdStrike's market credibility.
Gamified learning initiatives help address cybersecurity skills gap, benefiting future talent pipeline.
