Halcyon

Principal Kernel Engineer

Halcyon

full-time

Posted on:

Origin:  • 🌎 Anywhere in the World

Visit company website
AI Apply
Manual Apply

Salary

💰 $235,000 - $275,000 per year

Job Level

Lead

Tech Stack

Node.jsRust

About the role

  • What we do: Halcyon is the industry’s first dedicated, adaptive security platform that combines multiple proprietary advanced prevention engines along with AI models focused specifically on stopping ransomware.\n
  • Who we are: Halcyon was formed in 2021 by a team of cyber industry veterans after battling ransomware for years at some of the largest global security vendors. Comprised of leaders from Cylance (now Blackberry), Accuvant (now Optiv), Fireye and ISS X-Force (now IBM), Halcyon is focused on building products and solutions for mid-market and enterprise customers.\n
  • As a remote-native, completely distributed global team, we recognize great talent can exist anywhere. We invite you to apply to a job you’re interested in and we\'ll work a plan to meet your needs.\n
  • The Role: Halcyon is building the most resilient anti-ransomware platform on the market, and we need a Windows kernel expert at the forefront of our agent development. As a Principal Kernel Engineer, you will play a key role in the design and evolution of our Windows kernel components that prevent, detect, and respond to ransomware.\n
  • Responsibilities: Apply deep Windows kernel expertise to develop and optimize kernel-mode components that power Halcyon’s ransomware prevention and detection capabilities.\n
  • Contribute to the design and implementation of secure, high-performance Windows drivers (e.g., file system mini-filters, network callout drivers, process/thread monitoring).\n
  • Investigate, debug, and resolve complex kernel-level issues — from race conditions to memory corruption — using WinDbg, crash dump analysis, and advanced debugging techniques.\n
  • Help set technical direction for kernel development across the Windows agent, influencing architecture and performance trade-offs.\n
  • Mentor and guide other engineers in kernel-mode development best practices and secure coding patterns.\n
  • 15+ years of exclusive, professional Windows kernel development — deep understanding of NT internals, OS architecture, and low-level subsystems.\n
  • Proven track record of shipping multiple production-quality Windows drivers (file system, networking, or security-related) in commercial products.\n
  • Mastery of C++ in kernel-mode and user-mode, including multithreading, synchronization primitives, IRQL management, and lock-free programming.\n
  • Expert-level debugging skills — WinDbg, KD, crash dump analysis, race condition resolution.\n
  • Strong knowledge of Win32 APIs, kernel security boundaries, and performance tuning at the OS level.\n
  • Experience designing for stability, security, and performance.\n
  • Exceptional communication skills and ability to collaborate across engineering and product teams.\n
  • Experience with Rust in systems programming, or a strong desire and capacity to learn quickly.\n
  • Familiarity with Portable Executable (PE) format and reverse engineering tools.\n
  • Hands-on experience with Windows Mini-Filter drivers, Windows Filter Platform (WFP), or kernel-based process protection mechanisms.\n
  • Exposure to Rust/C++ interoperability in production systems.\n
  • Background in endpoint security, EDR, or other OS-level security products.

Requirements

  • Apply deep Windows kernel expertise to develop and optimize kernel-mode components that power Halcyon’s ransomware prevention and detection capabilities.\n
  • Contribute to the design and implementation of secure, high-performance Windows drivers (e.g., file system mini-filters, network callout drivers, process/thread monitoring).\n
  • Investigate, debug, and resolve complex kernel-level issues — from race conditions to memory corruption — using WinDbg, crash dump analysis, and advanced debugging techniques.\n
  • Help set technical direction for kernel development across the Windows agent, influencing architecture and performance trade-offs.\n
  • Mentor and guide other engineers in kernel-mode development best practices and secure coding patterns.\n
  • 15+ years of exclusive, professional Windows kernel development — deep understanding of NT internals, OS architecture, and low-level subsystems.\n
  • Proven track record of shipping multiple production-quality Windows drivers (file system, networking, or security-related) in commercial products.\n
  • Mastery of C++ in kernel-mode and user-mode, including multithreading, synchronization primitives, IRQL management, and lock-free programming.\n
  • Expert-level debugging skills — WinDbg, KD, crash dump analysis, race condition resolution.\n
  • Strong knowledge of Win32 APIs, kernel security boundaries, and performance tuning at the OS level.\n
  • Experience designing for stability, security, and performance.\n
  • Exceptional communication skills and ability to collaborate across engineering and product teams.\n
  • Experience with Rust in systems programming, or a strong desire and capacity to learn quickly.\n
  • Familiarity with Portable Executable (PE) format and reverse engineering tools.\n
  • Hands-on experience with Windows Mini-Filter drivers, Windows Filter Platform (WFP), or kernel-based process protection mechanisms.\n
  • Exposure to Rust/C++ interoperability in production systems.\n
  • Background in endpoint security, EDR, or other OS-level security products.