About Cyber Periscope Cyber Periscope is building a world-class Extended Detection & Response (XDR) platform to redefine cybersecurity for enterprises, critical infrastructure, and cloud-first organizations. Our vision is to surpass industry leaders like CrowdStrike and Wiz by delivering next-gen telemetry collection, real-time detection, AI-driven response, and compliance automation at scale. Role Overview As a Windows Agent Specialist , you will architect and implement the Cyber Periscope agent for the Windows ecosystem. You will dive deep into Windows internals to capture process, registry, file system, and network telemetry with minimal system overhead. Your work will form the “eyes and ears” of the Cyber Periscope platform, enabling reliable endpoint visibility at scale. Key Challenges Achieving high-fidelity telemetry with near-zero performance impact. Hardening agents against tampering, bypasses, and stealth techniques. Ensuring compatibility across legacy and modern Windows versions. Delivering secure OTA updates with WASM bundle execution. Responsibilities Develop high-performance agent modules for Windows endpoints (Win10/11, Server editions). Implement telemetry collection pipelines using ETW, Sysmon, and kernel drivers. Build watchdogs and anti-tamper features to ensure resilience against adversaries. Optimize performance for 10,000+ EPS per endpoint under real-world workloads. Collaborate with backend teams to standardize schemas for ingestion pipelines. Integrate OTA update mechanism with GPG-signed WASM bundles. Participate in threat modeling to validate resilience against advanced attacks. Required Qualifications Expert in C/C++/Rust programming with Windows internals knowledge. Deep expertise in ETW, MiniFilter drivers, NDIS, and kernel debugging. Experience with Sysinternals tools (ProcMon, WinDbg, Sysmon). Familiarity with endpoint security solutions (EDR/XDR, OSQuery, CarbonBlack). Strong understanding of memory forensics, process injection, DLL hijacking, etc. Preferred Qualifications Prior work developing commercial endpoint agents. Experience with sandboxing and WASM execution. Contributions to open-source security tools. What We Offer Chance to architect a next-gen global security platform. Opportunity to work on advanced kernel-level engineering. Growth path toward Principal Security Engineer / Agent Architect .
You will be responsible for architecting and implementing the Cyber Periscope agent for the Windows ecosystem. This involves delving into Windows internals to capture process, registry, file system, and network telemetry with minimal system overhead. Your role is crucial in providing reliable endpoint visibility at scale, making you a key player in the Cyber Periscope platform's success. Your responsibilities will include: - Developing high-performance agent modules for Windows endpoints, focusing on Win10/11 and Server editions. - Implementing telemetry collection pipelines using ETW, Sysmon, and kernel drivers. - Building watchdogs and anti-tamper features to enhance resilience against adversaries. - Optimizing performance to support 10,000+ EPS per endpoint under real-world workloads. - Collaborating with backend teams to standardize schemas for ingestion pipelines. - Integrating an OTA update mechanism with GPG-signed WASM bundles. - Participating in threat modeling to validate resilience against advanced attacks. To excel in this role, you are required to have: - Expertise in C/C++/Rust programming with a deep understanding of Windows internals. - Proficiency in ETW, MiniFilter drivers, NDIS, and kernel debugging. - Experience with Sysinternals tools such as ProcMon, WinDbg, and Sysmon. - Familiarity with endpoint security solutions like EDR/XDR, OSQuery, and CarbonBlack. - Strong knowledge of memory forensics, process injection, DLL hijacking, and related concepts. Preferred qualifications include: - Previous experience in developing commercial endpoint agents. - Knowledge of sandboxing and WASM execution. - Contributions to open-source security tools. Joining Cyber Periscope offers you the opportunity to: - Architect a next-gen global security platform. - Work on advanced kernel-level engineering. - Grow towards roles like Principal Security Engineer or Agent Architect.,