Cyble - Windows Kernel Developer - C/C++ Programming
Cyble
Software Engineering
Kolkata, West Bengal, India
Posted on Jul 6, 2025
About The Role
We are seeking experienced and passionate Windows Kernel Developers to join our EDR/XDR Agent/Sensor Development Team.
The ideal candidate will have deep expertise in Windows internals, kernel-mode driver development, and C/C++ programming.
You will be part of the EDR/XDR agent/sensor development team and responsible for building core components of our EDR/XDR agent/sensor that operate in both user mode and kernel mode, focusing on system monitoring, threat detection, and remediation.
What You'll Do At Cyble
- Work alongside our senior lead kernel developers to design, develop, and maintain Windows kernel-mode drivers for various EDR/XDR modules.
- Write Windows kernel-mode drivers for device management capabilities such as USB and Bluetooth device controls.
- Develop user-mode services that interface with kernel drivers for event processing and policy enforcement.
- Implement real-time remediation actions such as terminate, delete/quarantine, and take and restore system snapshots.
- Debug and resolve BSODs, race conditions, memory leaks, and performance bottlenecks.
- Integrate with the backend admin console using different integration methods and data exchange formats such as JSON and Protobuf.
- Integrate with Threat Intelligence Systems and other downstream components.
- Collaborate with cross-functional teams (security analysts, product managers, QA) to translate detection use cases into scalable agent capabilities.
- Strong proficiency in C and C++, including multithreading and synchronization primitives.
- Deep knowledge of Windows OS internals (kernel objects, memory management, I/O Manager, IRP lifecycle).
- Experience in developing WDM, KMDF, or Minifilter drivers.
- Strong understanding of Windows security architecture, process/thread management, file system architecture, and Registry internals.
- Familiarity with monitoring frameworks.
- Hands-on experience implementing kernel hooks and callback mechanisms; strong experience in writing user-mode code.
- Experience writing components that perform YARA rule lookups; experience with ETW, Sysmon, and kernel telemetry pipelines.
- Has written kernel/user-mode hooks for any or all of these events: process, library, file system changes, registry changes, and device hooks such as USB and Bluetooth access controls.
- Proficiency in building remediation components for various threat categories.
- Familiarity with debugging tools like WinDbg, Driver Verifier, Blue Screen analysis.
- Understanding of endpoint security concepts, including EDR/XDR product behaviour.
- A dynamic and collaborative work environment.
- Opportunities for learning and career growth.
- Mentorship from experienced developers to guide you in advancing your skills.