Design and develop data exfiltration prevention applications, kernel modules, system services, and agents on Linux.
Build and maintain mission-critical endpoint agents that monitor and enforce DLP policies across Linux distributions (Ubuntu, RHEL/CentOS, and others).
Implement kernel-level event interception using eBPF, LSM hooks, netfilter, fanotify, or similar mechanisms to monitor file, network, and clipboard activity.
Develop userspace components that integrate with kernel subsystems and enforce policy decisions in real time.
Collaborate closely with the Mac and Windows endpoint teams to align on cross-platform agent architecture, shared policy models, and consistent DLP behaviors.
Own complex features from design to delivery
including scoping, implementation, testing, and customer-facing documentation.
Diagnose and resolve deep systems-level issues including kernel panics, race conditions, file descriptor leaks, and IPC failures.
Ensure agent reliability, upgrade safety, and minimal performance footprint on target Linux environments.
Write and maintain documentation covering internal architecture, public APIs, and deployment guides for enterprise customers.

Expertise in C/C++ for Linux systems development; familiarity with Go is a strong plus.
Demonstrable experience building production agents or system-level software on Linux.
Deep hands-on experience with one or more Linux kernel subsystems relevant to security and monitoring:
Practical knowledge of eBPF (including BPF CO-RE, libbpf, and BCC) for tracing, network filtering, and security enforcement.
Experience with Linux Security Modules (LSM)
SELinux, AppArmor, or custom LSM hooks.
Working knowledge of fanotify, inotify, netlink, and procfs for system activity monitoring.
Familiarity with Linux namespaces, cgroups, and container runtimes (Docker, containerd) in enterprise deployments.
Experience with kernel-level debugging using tools such as ftrace, perf, crash, SystemTap, or GDB with KGDB.
Ability to use reverse engineering and binary analysis techniques when debugging kernel space code.
Familiarity with enterprise Linux deployment environments
MDM tools.
Ability to decompose complex business problems and own them end to end across teams.
Minimum 5+ years of related systems/endpoint engineering experience.

Employee compensation will be determined based on interview performance, level of experience, specialization of skills, and market rate. During the offer discussion, your recruiter will review the finalized base salary, bonus (for applicable roles), benefits & perks, and stock options as they’ll be reflected in the offer letter.

Endpoint Engineer – Linux

Key skills