Contact Us
Return to vacancy list

Endpoint Engineer (Linux)

5+ years of experience
Ukraine, Europe
Fulltime, Remote

About the Company:
Our client is a San Francisco-based cybersecurity startup helping organizations secure and manage sensitive data. Their AI-powered platform discovers, classifies, and protects sensitive data across cloud apps, infrastructure, and internal systems, preventing leaks and ensuring compliance.
About the Product:
The first AI-native data leak prevention (DLP) solution, designed for modern enterprises. It protects sensitive data across SaaS, email, endpoints, and AI tools with high accuracy and minimal disruption. The Developer Platform allows flexible integration of data protection capabilities.

About the role:
Our client l is expanding its endpoint Data Loss Prevention (DLP) coverage to Linux, and we are looking for a seasoned Endpoint Engineer to lead this effort. You will be at the ground level of building Linux agent capabilities from the ground up, working alongside our existing Mac and Windows endpoint teams.

As an Endpoint Engineer (Linux), you will design, build, and maintain a production-grade, AI-native DLP agent for Linux - covering kernel-level event interception, userspace policy enforcement, and enterprise deployment. This role requires deep Linux systems expertise and the drive to own a strategic new platform for the company.

Responsibilities

  • Design and develop data exfiltration prevention applications, kernel modules, system services, and agents on Linux.

  • Build and maintain mission-critical endpoint agents that monitor and enforce DLP policies across Linux distributions (Ubuntu, RHEL/CentOS, and others).

  • Implement kernel-level event interception using eBPF, LSM hooks, netfilter, fanotify, or similar mechanisms to monitor file, network, and clipboard activity.

  • Develop userspace components that integrate with kernel subsystems and enforce policy decisions in real time.

  • Collaborate closely with the Mac and Windows endpoint teams to align on cross-platform agent architecture, shared policy models, and consistent DLP behaviors.

  • Own complex features from design to delivery - including scoping, implementation, testing, and customer-facing documentation

  • Diagnose and resolve deep systems-level issues including kernel panics, race conditions, file descriptor leaks, and IPC failures.

  • Ensure agent reliability, upgrade safety, and minimal performance footprint on target Linux environments.

  • Write and maintain documentation covering internal architecture, public APIs, and deployment guides for enterprise customers.

Requirements

  • Expertise in C/C++ for Linux systems development; familiarity with Go is a strong plus

  • Demonstrable experience building production agents or system-level software on Linux.

  • Deep hands-on experience with one or more Linux kernel subsystems relevant to security and monitoring:

  • Practical knowledge of eBPF (including BPF CO-RE, libbpf, and BCC) for tracing, network filtering, and security enforcement.

  • Experience with Linux Security Modules (LSM) - SELinux, AppArmor, or custom LSM hooks.

  • Working knowledge of fanotify, inotify, netlink, and procfs for system activity monitoring.

  • Familiarity with Linux namespaces, cgroups, and container runtimes (Docker, containerd) in enterprise deployments.

  • Experience with kernel-level debugging using tools such as ftrace, perf, crash, SystemTap, or GDB with KGDB.

  • Ability to use reverse engineering and binary analysis techniques when debugging kernel space code.

  • Familiarity with enterprise Linux deployment environments - MDM tools.

  • Ability to decompose complex business problems and own them end to end across teams.

  • Minimum 5+ years of related systems/endpoint engineering experience.

Nice to Have

  • Prior experience building DLP, EDR, or endpoint security products on Linux.

  • Contributions to open-source Linux kernel or eBPF ecosystem projects.

  • Experience with FUSE (Filesystem in Userspace) or overlayfs for file activity interception.

  • Knowledge of Linux audit subsystem (auditd) and its integration with SIEM tooling.

  • Experience developing or integrating with XDR/EDR platforms (CrowdStrike, SentinelOne, or similar).

  • Familiarity with clipboard and X11/Wayland display server internals for content inspection.

  • Background in Go for high-performance agent components.

What we offer:

  • Long-term employment with competitive compensation, based on experience.

  • Possibility to work remotely.

  • An open, transparent and fun work culture.

  • Multi-national team and collaborative work environment.

  • Continuous knowledge sharing with engaged co-workers.

  • Career and professional growth opportunities.

Attach a CV file (PDF, DOC)
  • Remote dev teams in Ukraine
  • Go interactive Web development agency
  • Go interactive recruitment agency
  • Remore dedicated teams in Ukraine

Similar vacancies

Frontend Software Engineer (Angular)

5+ years of experience
Poland
Remote, Full-time
Explore details

Firmware Developer

5+ years of experience
Luxembourg
Fulltime
Explore details

Senior Frontend Developer

7+ years of experience
Ukraine or EU
Remote, Full-time
Explore details