SDET III, Windows Sensor

As a global leader in cybersecurity, CrowdStrike protects the people, processes and technologies that drive modern organizations. Since 2011, our mission hasn’t changed — we’re here to stop breaches, and we’ve redefined modern security with the world’s most advanced AI-native platform. We work on large scale distributed systems, processing almost 3 trillion events per day and this traffic is growing daily. Our customers span all industries, and they count on CrowdStrike to keep their businesses running, their communities safe and their lives moving forward. We’re also a mission-driven company. We cultivate a culture that gives every CrowdStriker both the flexibility and autonomy to own their careers. We’re always looking to add talented CrowdStrikers to the team who have limitless passion, a relentless focus on innovation and a fanatical commitment to our customers, our community and each other. Ready to join a mission that matters? The future of cybersecurity starts with you.

About the Role:

CrowdStrike Falcon Host is a two-component security product. One component is a “sensor”: a driver installed on client machines that observes system activity and recognizes malicious behavior, then provides on-box prevention capability and remote telemetry to the Falcon Host cloud. The sensor processes thousands of events per second to provide deep visibility into operations on the endpoint, and performs rich correlation and computation to identify malicious events and blocks malicious activity.

The cloud component aggregates sensor telemetry for each customer’s network, correlates malicious behavior across multiple machines, and presents our customers’ operations teams with a prioritized summary of the threats detected in their environments.

This is a Software Development Engineer in Test (SDET) position on the Windows sensor engineering team, in the detection space. At CrowdStrike, SDETs and SDEs work together in combined engineering teams. SDETs are key contributors on the team, focusing on the quality of the sensor. SDETs use their strong software development skills to build effective tools, harnesses, and specialized tests to assure that quality goals are met for each new capability. SDETs also participate actively in design and code reviews, and collaborate with the research, hunting, and cloud teams to ensure end-to-end sensor functionality.

Successful engineers in this role have: an understanding of Windows kernel and user space, a passion for continuous learning to keep up with an ever-changing threat landscape, and a creative mindset for designing new code validation methods to increase the quality, performance and the reliability of the shipped code.

What You'll Do:

• Work closely with a team of detection engineers to support and maintain a culture of high product quality and excellence

• Analyze complex software features, and build effective test strategies and test designs

• Extend our existing codebase utilizing C++, Python, and DSLs (domain specific languages) as appropriate, to increase the testability and debuggability of the code 

• Identify and write specialized tests necessary that are not feature-specific but are still important to ensure the quality of the system as a whole – performance, scalability, limits etc.

• Work collaboratively with product and release management to control risk, improve quality, and streamline our release cycles

• Debug product issues found through test or customer cases to identify root cause and use the input to improve tests

• Collaborate in product and test code reviews with an eye towards improving the security and robustness of the system as a whole

• Participate in engineering best practices, including topics like secure coding, testing paradigms, debugging, performance measurement, code reviews, CI/CD and OS internals, to ensure that our sensor code is fast and reliable

• Be an energetic 'self-starter' with the ability to take ownership and be accountable for deliverables, both individually and when leading a team

What You’ll Need: 

• 3+ years of experience with either:

• Pentesting, reverse engineering, threat detection or analysis; and an interest in software quality, validation and testing, or

• Designing, building, and delivering frameworks and test harnesses to ship  high-quality software in C/C++ or Python, and a demonstrated interest in security.

• Low-level OS knowledge of Windows operating system internals, components, and APIs.

• Team player – able to communicate, collaborate, and work effectively in a distributed team, to clearly articulate thoughts & designs to peers and upper management

• Must have demonstrated passion to find bugs -- i.e. must like breaking software as much as writing code!

• Experience doing test development work on Windows for code that has high reliability requirements

• Ability to write and automate test cases, triage bugs, and write actionable bug reports

• Ability to clearly define test strategies for features, and implement those strategies

• Ability to communicate, collaborate, and work effectively in a distributed team

• Expertise in using performance profiling tools and debuggers to analyze crash dumps

Bonus Points:

• 1 year of experience in using big data to analyze and monitor software quality metrics. 

• Prior security experience, particularly always-on systems, endpoint threat detections or sensor development. Familiarity with the threat landscape on Windows is a plus

• Experience with Windows security features and telemetry relevant to security and recent familiarity with the latest developments in the Windows platform and architecture

• Experience developing 24/7 enterprise software, including CI, testing, debugging, performance tracing, release management, telemetry analysis and issue handling

#LI-SS1

#LI-Remote

#HTF

Benefits of Working at CrowdStrike:

• Remote-friendly and flexible work culture

• Market leader in compensation and equity awards

• Comprehensive physical and mental wellness programs

• Competitive vacation and holidays for recharge

• Paid parental and adoption leaves

• Professional development opportunities for all employees regardless of level or role

• Employee Networks, geographic neighborhood groups, and volunteer opportunities to build connections

• Vibrant office culture with world class amenities

• Great Place to Work Certified™ across the globe

CrowdStrike is proud to be an equal opportunity employer. We are committed to fostering a culture of belonging where everyone is valued for who they are and empowered to succeed. We support veterans and individuals with disabilities through our affirmative action program.

Right to Work