Halcyon
Senior Product Security Engineer
Job Summary
The role involves analyzing ransomware samples and threat actor tools to develop insights for product features and security capabilities. It requires a proficient reverse engineer with experience in malware analysis, cryptography, and Windows internals, particularly user-mode security hooks. Candidates should have a strong background in security testing, fuzzing, vulnerability research, and building automated test harnesses. The position offers opportunities to contribute to strategic research initiatives within a remote, innovative security company focused on combating ransomware threats.
Required Skills
Benefits
Job Description
What we do:
Halcyon is the industry’s first dedicated, adaptive security platform that combines multiple proprietary advanced prevention engines along with AI models focused specifically on stopping ransomware.
Who we are:
Halcyon was formed in 2021 by a team of cyber industry veterans after battling the scourge of ransomware (and advanced threats) for years at some of the largest global security vendors. Comprised of leaders from Cylance (now Blackberry), Accuvant (now Optiv), Fireye and ISS X-Force (now IBM), Halcyon is focused on building products and solutions for mid-market and enterprise customers.
As a remote-native, completely distributed global team, we recognize great talent can exist anywhere. We invite you to apply to a job you’re interested in and we'll work a plan to meet your needs.
The Role:
Halcyon’s goal is to deliver an anti-ransomware solution that breaks new ground as to what a security product can deliver. Aligned with this goal, Halcyon is searching for a security researcher to contribute to a number of strategic research initiatives to develop Halcyon’s product and services catalogue. Halcyon’s primary focus for this role is to analyze ransomware samples and threat actor tools to gain insights for future product features, threat actor insights, and assist in the validation of our current capabilities. The ideal candidate will be a proficient reverse engineer with experience in analyzing malware, have a strong understanding of cryptography used in ransomware, and the ability to develop tools to augment existing capabilities.
Key Responsibilities
-
Endpoint Hardening & Testing
-
Design and implement security test harnesses from scratch to simulate real-world ransomware behavior
-
Develop and integrate fuzzers (libFuzzer, AFL/WinAFL, or custom tools) for automated crash and vulnerability discovery
-
Build user-mode hooking instrumentation and explore EDR bypass techniques to exercise agent internals
-
-
Vulnerability Research & Triage
-
Triage, reproduce, and analyze security findings against our agent and libraries
-
Perform root-cause analysis on crashes or logic flaws; build minimal PoC exploits or reproducer cases
-
-
Platform Expertise
-
Deep understanding of Windows internals (ring transitions, memory management, Win32 API) with focus on user-mode security hooks
-
Collaborate on driver-level or API-level integrations when necessary (no kernel-driver dev required)
-
Required Technical Skills
-
5+ years in product security or endpoint-focused consulting, with hands-on testing of Windows-based agents or EDR/AV products
-
Experience building fuzzers or integrating existing fuzzing frameworks for native code
-
Experience and capability in building automated test harnesses from the ground up
-
Strong Windows OS internals knowledge, especially user-mode hooking and Win32 API behaviors
-
Proficient in C/C++ and Python, with solid experience calling with Windows APIs
-
Experience reviewing and validating security findings
-
Comfortable researching and suggesting security features end-to-end and creating technical content
Bonus Technical Skills
-
Rust development experience, particularly around FFI or unsafe code
-
Published tooling or research in vulnerability discovery, fuzzing, and/or automated test frameworks
-
Hands-on experience with CI platforms (GitHub Actions, Jenkins) to automate security workflows
Benefits:
Halcyon offers the following benefits to eligible employees:
-
Comprehensive healthcare (medical, dental, and vision) with premiums paid in full for employees and dependents.
-
401k plan with a generous employer contribution.
-
Short and long-term disability coverage, basic life and AD&D insurance plans.
-
Medical and dependent care FSA options.
-
Flexible PTO policy.
-
Parental leave.
-
Generous equity offering.
The Company reserves the right to modify or change these benefits programs at any time, with or without notice.
Base Salary Range: $180,000 - 220,000
Bonus Target: 10%
In accordance with applicable state and federal laws, the range provided is Halcyon’s reasonable estimate of the base compensation for this role. The actual amount may differ based on non-discriminatory factors such as experience, knowledge, skills, abilities, and location. Base pay is one part of the total package that is provided to compensate and recognize employees for their work, and this role may be eligible for additional discretionary bonuses/incentives, and equity in the Company.
We understand it takes a diverse team of highly intelligent, passionate, curious, and creative people to develop the exceptional product we are building. Our dynamic team has incredible perspectives to share, just as we know you do, and we take great pride in being an equal opportunity employer.
Interested in this job?
Applications are no longer being accepted for this job.
Halcyon
Halcyon is the cyber resilience platform that Global 2000 companies rely upon to defeat ransomware-as-a-service-borne attacks. With the fastest endpoint recovery methods ever built and multiple layers of resiliency, including bypass and evasion protection, key capture and automated decryption, and data extortion prevention, the Halcyon platform enables attacks to be undone in minutes.
See more jobsSafe Remote Job Search Tips
Verify Employer Thoroughly
Research the company's identity thoroughly before applying. Check for a professional website with contacts, active social media, and LinkedIn profiles. Verify details across platforms and look for reviews on Glassdoor or Trustpilot to confirm legitimacy.
Never Pay to Get a Job
Legitimate employers never require payment for applications, training, background checks, or equipment. Always reject upfront payment requests or demands for bank details, even if they claim it's for purchasing necessary work gear on your behalf.
Safeguard Your Personal Information
Protect sensitive data like SSN, bank details, or ID copies. Share this only after accepting a formal, written job offer. Ensure it's submitted via a secure company system or portal, never through insecure channels like standard email attachments.
Scrutinize Communication & Interviews
Watch for communication red flags: poor grammar, generic emails (@gmail), vague details, or undue pressure. Be highly suspicious of interviews held only via text or chat apps; legitimate companies typically use video or phone calls.
Beware of Unrealistic Offers
If an offer's salary or benefits seem unrealistically high for the work involved, be cautious. Research standard pay for similar roles. Offers that appear 'too good to be true' are often scams designed to lure you into providing information or payment.
Insist on a Formal Contract
Always secure and review a formal, written job offer or employment contract before starting work or sharing final personal details. Ensure it clearly defines your role, compensation, key terms, and conditions to avoid misunderstandings or scams.