Sr. Engineer II - Sensor Pipelines and Programmability Tools

As a global leader in cybersecurity, CrowdStrike protects the people, processes and technologies that drive modern organizations. Since 2011, our mission hasn’t changed — we’re here to stop breaches, and we’ve redefined modern security with the world’s most advanced AI-native platform. We work on large scale distributed systems, processing almost 3 trillion events per day. We have 3.44 PB of RAM deployed across our fleet of C* servers - and this traffic is growing daily. Our customers span all industries, and they count on CrowdStrike to keep their businesses running, their communities safe and their lives moving forward. We’re also a mission-driven company. We cultivate a culture that gives every CrowdStriker both the flexibility and autonomy to own their careers. We’re always looking to add talented CrowdStrikers to the team who have limitless passion, a relentless focus on innovation and a fanatical commitment to our customers, our community and each other. Ready to join a mission that matters? The future of cybersecurity starts with you. About the Role: CrowdStrike's Sensor and Language Tooling (SaLT) team is hiring an engineer to work on malware detection and prevention pipelines on our Falcon sensor. The SaLT team is responsible for a variety of internal tools which enable other teams at CrowdStrike to write security detections. Among the team’s responsibilities are a custom compiler toolchain for our in-house, security-focused domain specific language (DSL), and also core functions of our security detections platform. The SaLT team works closely with a wide range of other teams at CrowdStrike, helping dedicated engineers across the globe solve hard problems. This role is focused on the CrowdStrike Falcon sensor’s detection pipelines and improving the sensor’s programmability tools.  Our detection and prevention pipelines respond to system events, such as process creation and network traffic, on endpoints running the Falcon sensor.  These pipelines collate and filter security-relevant events and transmit them to CrowdStrike’s cloud.  Our programmability tools allow the sensor’s behavior to be configured dynamically to allow fast response times to threat actors. CrowdStrike is a remote-first company with offices and developers worldwide. Remote candidates living in the US and Canada are encouraged to apply. Candidates from the UK, EU or Australia are also very welcome to apply, but should know that coordination with US-based teams will be necessary and flexible working hours will be required. For those that prefer office life, CrowdStrike has engineering offices in Irvine (CA), Kirkland (WA), Minneapolis (MN), Sunnyvale (CA), London (UK) and Crystal City (VA). Occasional travel (<10%) is required. CrowdStrike is a computer security company, but we do not require candidates for this role to have prior security industry experience. We will mentor and train in security topics as needed. We do expect a strong interest in CrowdStrike's mission and a willingness to grow. What You’ll Do: Understand, modify and assume shared ownership of complex and critical sensor event and data processing pipeline logic - for the purposes of expanding and maintaining the systems as well as guiding future direction. Gain expertise in core logic of the falcon sensor, becoming a resource for other developers within Crowdstrike who use our team’s tools. Communicate design, constraints, guarantees and other aspects of the system. Communicate and collaborate with other teams at Crowdstrike, including engineering  teams who use our tools; adversary response teams; malware researchers; product and program managers; and others. Write code in a variety of languages, including internally developed, non-imperative domain-specific languages.  (Much, but not all, of the work we need will be written in the in house language for which our team owns the compiler.  This language is highly asynchronous and used to write responses to system events such as process creation and network traffic.  System programming experience on one or more of macOS, Linux, and Windows is helpful.) Write unit, functional and integration tests Diagnose and resolve issues discovered by customers or other engineering teams Work with language and compiler developers at CrowdStrike to help set direction and prioritize feature development What You’ll Need: Take responsibility for and ownership of their work. Design and implement performant, functionally-correct and well-structured logic. Can understand, maintain, and improve a large existing codebase. Can reason about, describe and communicate the nature of complex, highly-concurrent systems. Can reason about how our endpoint interacts with our cloud, and communicate with cloud development teams for both design and troubleshooting. This is not primarily a C++ position (most work will be in either Python or our in-house security focused DSL), but the core runtime you will work with is in C++.  Ability to read this is critical, and you will probably touch it occasionally. Communicate, collaborate, and work effectively in a distributed team (across timezones and continents, and with a variety of subject matter expertise).   Bonus Points:  Fluency in writing Python Endpoint security background Experience designing or writing virtual machine runtimes #LI-JC1 #LI-OC1 #LI-Remote #HTF Benefits of Working at CrowdStrike: Remote-friendly and flexible work culture Market leader in compensation and equity awards Comprehensive physical and mental wellness programs Competitive vacation and holidays for recharge Paid parental and adoption leaves Professional development opportunities for all employees regardless of level or role Employee Resource Groups, geographic neighbourhood groups and volunteer opportunities to build connections Vibrant office culture with world class amenities Great Place to Work Certified™ across the globe CrowdStrike is proud to be an equal opportunity employer. We are committed to fostering a culture of belonging where everyone is valued for who they are and empowered to succeed. We support veterans and individuals with disabilities through our affirmative action program. CrowdStrike is committed to providing equal employment opportunity for all employees and applicants for employment. The Company does not discriminate in employment opportunities or practices on the basis of race, color, creed, ethnicity, religion, sex (including pregnancy or pregnancy-related medical conditions), sexual orientation, gender identity, marital or family status, veteran status, age, national origin, ancestry, physical disability (including HIV and AIDS), mental disability, medical condition, genetic information, membership or activity in a local human rights commission, status with regard to public assistance, or any other characteristic protected by law. We base all employment decisions--including recruitment, selection, training, compensation, benefits, discipline, promotions, transfers, lay-offs, return from lay-off, terminations and social/recreational programs--on valid job requirements. If you need assistance accessing or reviewing the information on this website or need help submitting an application for employment or requesting an accommodation, please contact us at recruiting@crowdstrike.com for further assistance. Find out more about your rights as an applicant. CrowdStrike participates in the E-Verify program. Notice of E-Verify Participation Right to Work CrowdStrike, Inc. is committed to equal pay for equal work in its compensation practices. The base salary range for this position in the U.S. is $155,000 - $255,000 per year + variable/incentive compensation + equity + benefits. A candidate's salary is determined by various factors including, but not limited to, relevant work experience, skills, certifications, job level, supervisory status, and location. CrowdStrike Canada ULC is committed to equal pay for equal work in its compensation practices. The base salary range for this position in Canada is $175,000 - $270,000 CAD per year + variable/incentive compensation + equity + benefits. A candidate’s salary is determined by various factors including, but not limited to, relevant work experience, skills, certifications and location. This is Canadian-based employment, and it is expected that all employees maintain legal entitlement to work in Canada. Applicants selected to move forward in the hiring process are subject to background checks, including but not limited to criminal record, credit, and/or reference checks. Expected Close Date of Job Posting is:06-01-2025