Senior Software Engineer – Linux/Mac Detections (Remote)

About the Role

CrowdStrike is looking for a Senior Software Engineer to join our growing Engine and Content Development (ECD) team which focuses on security related endpoint development on Windows, macOS, and Linux.

As a sensor engineer within the ECD team you will be focused on the analysis and development of detections for Unix based attack techniques across supported macOS and Linux versions. You’ll work collaboratively to implement these detections within the Falcon sensor which is a lightweight kernel-level module that observes system activity, recognizes malicious behavior, provides on-box prevention capability, and sends relevant security related data and telemetry to the Falcon cloud. You’ll help develop creative and resourceful ways to detect Mac/Linux specific threats while also helping develop cross platform features that cut across core OS subsystems such as analysis of file system, memory, process, and network telemetry. You’ll get exposure to both user-level and kernel-level coding practices.  You’ll collaborate with multiple teams within engineering, and will be expected to make significant contributions to the design and implementation of major development projects. We’re looking for smart people who want to be challenged and take ownership of what they build.

Key Qualifications:

  • 5+ years of experience with EITHER one of:
    • Reverse engineering, threat detection, and malware analysis; and an interest in on-device development, or
    • Designing, building, and delivering high-quality software in C/C++ with an interest in security.
  • Low-level OS knowledge of macOS and/or Linux operating system internals, components, APIs, and design.
  • Team player – able to lead, mentor, communicate, collaborate, and work effectively in a globally distributed team.

Preferred Qualifications:

  • Prior security experience, particularly in exploit and vulnerability analysis.
  • Prior experience working with low-level code, such as OS kernel, firmware or device drivers.
  • Low-level OS knowledge and experience with one of more of our supported sensor platforms including Windows, macOS, and Linux.
  • Understanding of kernel-mode and multi-threaded concurrent systems development in any of our supported platforms, with an interest to grow skills in all of them.
  • Prior development or testing experience with python.
  • Prior experience delivering software via agile processes.

You will:

  • Design and build detection logic and systems leveraged across teams within CrowdStrike to detect cyber attackers and stop breaches.
  • Extend our existing codebase and test suites utilizing C++, Python, and other tools as appropriate.
  • Brainstorm, define, and build collaboratively across multiple teams.
  • Build elegant, robust, and reliable solutions for complex technical problems.
  • Obsess about learning, and champion the newest technologies & tricks with others, raising the technical IQ of the team.
  • Deliver and accept feedback with grace and courtesy.
  • Troubleshoot issues within the product when necessary, assisting customer support.
  • Leverage your understanding of engineering best practices, including topics like secure coding, testing paradigms, effective peer code reviews, logging, and resilient architecture patterns, to ensure that our code is clean.
  • Be an energetic ‘self-starter’ with the ability to take ownership and be accountable for deliverables, both individually and when leading a team.

Benefits of Working at CrowdStrike:

  • Market leader in compensation and equity awards
  • Competitive vacation policy
  • Comprehensive health benefits + 401k plan
  • Paid parental leave, including adoption
  • Flexible work environment
  • Wellness programs
  • Stocked fridges, coffee, soda, and lots of treats


Join the world’s most secure businesses on the first cloud-native endpoint protection platform built to stop breaches.

Technology we use