Senior Software Engineer- Windows Sensor (XDR)

Sr. Software Engineer- Windows Sensor (XDR Agent Development)

Location : Remote (India)

Availability : Immediate

About Cyber Periscope

Cyber Periscope is building a world-class Extended Detection & Response (XDR) platform to redefine cybersecurity for enterprises, critical infrastructure, and cloud-first organizations. Our vision is to surpass industry leaders like CrowdStrike and Wiz by delivering next-gen telemetry collection, real-time detection, AI-driven response, and compliance automation at scale.

Role Overview

As a

Windows Endpoint Security Engineer , you will design and develop the Cyber Periscope agent for the Windows ecosystem. You’ll work deep within Windows internals to capture process, registry, file system, and network telemetry with minimal system impact. Your engineering will power the “eyes and ears” of the Cyber Periscope platform—delivering reliable, high-performance endpoint visibility at scale.

Key Challenges

Achieving high-fidelity telemetry with near-zero performance impact.

Hardening agents against tampering, bypasses, and stealth techniques.

Ensuring compatibility across legacy and modern Windows versions.

Delivering secure OTA (Over-The-Air) updates with WASM bundle execution.

Responsibilities

Develop and maintain high-performance agent modules for Windows endpoints (Windows 10 / 11, Server editions).

Implement telemetry collection pipelines using ETW, Sysmon, and kernel drivers.

Build watchdogs and anti-tamper features for resilience against adversaries.

Optimize performance for 10,000+ Events Per Second (EPS) per endpoint.

Collaborate with backend engineers to standardize data schemas for ingestion pipelines.

Integrate OTA update mechanisms with GPG-signed WASM bundles.

Participate in threat modeling and validation against advanced attack vectors.

Required Qualifications

Expertise in

C / C++ / Rust

programming with strong

Windows internals

knowledge.

Deep understanding of

ETW ,

MiniFilter drivers ,

NDIS , and

kernel debugging .

Hands-on experience with

Sysinternals tools

(ProcMon, WinDbg, Sysmon).

Familiarity with

endpoint security solutions

(EDR / XDR, OSQuery, Carbon Black, etc.).

Strong understanding of

memory forensics, process injection, DLL hijacking , and evasion techniques.

Preferred Qualifications

Prior experience developing

commercial endpoint or EDR agents .

Exposure to

sandboxing ,

WASM execution , and

secure code signing .

Contributions to

open-source security or low-level system tools .

What We Offer

Opportunity to

architect a next-gen global security platform

from the ground up.

Hands-on work in

advanced kernel-level engineering and threat resilience .

Growth path toward

Principal Security Engineer / Agent Architect .

A culture that values deep technical curiosity, autonomy, and innovation.