Find your dream job at Australia's leading startups and VCs

Our exceptional communities of founders and investors are constantly seeking passionate individuals like you to join their team. Find your fit in the postings below. Just browsing? Sign up to our newsletter here, and stay up to date on the latest jobs.
companies
Jobs

Linux Kernel Developer

Cyble

Cyble

Software Engineering
Bengaluru, Karnataka, India
Posted on Jul 6, 2025
About The Role

We are seeking an experienced and passionate Linux Kernel Developer to join our EDR/XDR Agent/Sensor Development Team. The ideal candidate will have a minimum 6+ years of deep expertise in Linux internals, Linux Kernel Module (LKM) development, C/C++ programming, and a strong understanding of container technologies. You will be part of the EDR/XDR agent/sensor development team, responsible for building core components of our EDR/XDR agent/sensor that operates in both user-space and kernel-space, focusing on system monitoring, threat detection, and remediation within Linux environments, including containerised workloads.

What You’ll Do At Cyble

  • Work alongside our senior lead kernel developers to design, develop, and maintain Linux Kernel Modules (LKMs) for various EDR/XDR modules.
  • Write LKMs for device management capabilities like USB and Bluetooth device controls within Linux environments.
  • Develop user-mode services that interface with kernel modules for event processing, policy enforcement, and interaction with container runtimes.
  • Implement real-time remediation actions such as process termination, file deletion/quarantining, and system snapshot/restore functionalities.
  • Debug and resolve kernel panics, race conditions, memory leaks, and performance bottlenecks in kernel and user-space components.
  • Develop and enhance monitoring capabilities for containerized environments (e.g., Docker, Kubernetes), understanding interactions between the host and containers, and leveraging kernel features like namespaces and cgroups.
  • Integrate with backend admin consoles using various integration methods and data exchange formats like JSON and Protobuf.
  • Integrate with Threat Intelligence Systems and other downstream components.
  • Collaborate with cross-functional teams (security analysts, product managers, QA) to translate detection use cases into scalable agent capabilities for Linux and container environments.

What You’ll Need

  • Strong proficiency in C and C++, including multithreading and synchronization primitives.
  • Deep knowledge of Linux OS internals (e.g., process management, memory management, VFS, system call interface, scheduling, namespaces, cgroups).
  • Experience in developing Linux Kernel Modules (LKMs); familiarity with frameworks like eBPF, kprobes, tracepoints, or Linux Security Modules (LSMs) is a plus.
  • Strong understanding of Linux security architecture, process/thread management, file system architecture, and inter-process communication.
  • Solid understanding of container technologies (e.g., Docker, Kubernetes, containerd, CRI-O) and their underlying kernel primitives.
  • Experience in developing security solutions for containerized environments, including monitoring container activity and host-container interactions.
  • Familiarity with monitoring frameworks and tools in Linux (e.g., Auditd, perf, ftrace, SystemTap).
  • Hands-on experience implementing kernel hooks and callback mechanisms; strong experience in writing user-mode code interacting with kernel components.
  • Experience writing components that perform YARA rule lookups.
  • Experience with kernel telemetry pipelines (e.g., using eBPF, Auditd, or custom solutions).
  • Proven experience writing kernel/user-mode hooks for events such as process creation/execution, library loading, file system changes, network activity, and device access (e.g., USB, Bluetooth).
  • Proficiency in building remediation components for various threat categories.
  • Familiarity with Linux debugging tools (e.g., GDB, KGDB, crash, ftrace, perf) and analyzing kernel panic dumps.
  • Understanding of endpoint security concepts, including EDR/XDR product behavior.

Cyble offers

  • A dynamic and collaborative work environment.
  • Opportunities for learning and career growth.
  • Mentorship from experienced developers to guide you in advancing your skills.

About Cyble

Cyble is revolutionizing the landscape of cybersecurity intelligence. Founded in 2019, Cyble began as a visionary college project and has quickly transformed into a leading force in proactive cyber threat detection and mitigation, that is now globally significant, with people in 20 countries - Headquartered in Alpharetta, Georgia, and with offices in Australia, Malaysia, Singapore, Dubai, Saudi Arabia and India.

Our mission is clear: to provide visibility, intelligence and cybersecurity protection using cutting-edge advanced technology, giving enterprises a powerful advantage. We democratize real-time intelligence about cyber threats and vulnerabilities, enabling organizations to take proactive measures and maintain robust cybersecurity. We strive to make the digital world a safer place for everyone.

At Cyble, artificial intelligence (AI) and innovation are central to all operations, with a commitment to continuous improvement and excellence in both products and business practices. Cyble values inclusivity, offering team members autonomy and flexibility to balance their professional and personal lives. Cyble fosters a culture where employees voices are heard, contributions are recognized, and everyone is encouraged to be part of something extraordinary. To learn more about Cyble, visit www.cyble.com