Senior Product Security Engineer

Summary

Join Halcyon, a leading anti-ransomware solution provider, as a Security Researcher. Contribute to strategic research initiatives to enhance Halcyon's product and services. Analyze ransomware samples and threat actor tools to gain insights for future product features and threat actor insights. Validate current capabilities and assist in developing new ones. The ideal candidate is a proficient reverse engineer with malware analysis experience, a strong understanding of cryptography used in ransomware, and the ability to develop tools to augment existing capabilities. Halcyon is a remote-native, completely distributed global team, offering flexible work arrangements.

Requirements

• 5+ years in product security or endpoint-focused consulting, with hands-on testing of Windows-based agents or EDR / AV products
• Experience building fuzzers or integrating existing fuzzing frameworks for native code
• Experience and capability in building automated test harnesses from the ground up
• Strong Windows OS internals knowledge, especially user-mode hooking and Win32 API behaviors
• Proficient in C/C++ and Python, with solid experience calling with Windows APIs
• Experience reviewing and validating security findings
• Comfortable researching and suggesting security features end-to-end and creating technical content

Responsibilities

• Design and implement security test harnesses from scratch to simulate real-world ransomware behavior
• Develop and integrate fuzzers (libFuzzer, AFL /WinAFL, or custom tools) for automated crash and vulnerability discovery
• Build user-mode hooking instrumentation and explore EDR bypass techniques to exercise agent internals
• Triage, reproduce, and analyze security findings against our agent and libraries
• Perform root-cause analysis on crashes or logic flaws; build minimal PoC exploits or reproducer cases
• Deep understanding of Windows internals (ring transitions, memory management, Win32 API) with focus on user-mode security hooks
• Collaborate on driver-level or API-level integrations when necessary (no kernel-driver dev required)

Preferred Qualifications

• Rust development experience, particularly around FFI or unsafe code
• Published tooling or research in vulnerability discovery, fuzzing, and/or automated test frameworks
• Hands-on experience with CI platforms (GitHub Actions, Jenkins) to automate security workflows

Benefits

• Comprehensive healthcare (medical, dental, and vision) with premiums paid in full for employees and dependents
• 401k plan with a generous employer contribution
• Short and long-term disability coverage, basic life and AD&D insurance plans
• Medical and dependent care FSA options
• Flexible PTO policy
• Parental leave
• Generous equity offering