Senior Product Security Engineer

What we do:

Halcyon is the industry’s first dedicated, adaptive security platform that combines multiple proprietary advanced prevention engines along with AI models focused specifically on stopping ransomware.

Who we are:
Halcyon was formed in 2021 by a team of cyber industry veterans after battling the scourge of ransomware (and advanced threats) for years at some of the largest global security vendors. Comprised of leaders from Cylance (now Blackberry), Accuvant (now Optiv), Fireye and ISS X-Force (now IBM), Halcyon is focused on building products and solutions for mid-market and enterprise customers.

As a remote-native, completely distributed global team, we recognize great talent can exist anywhere. We invite you to apply to a job you’re interested in and we'll work a plan to meet your needs.

About The Role

Halcyon’s goal is to deliver an anti-ransomware solution that breaks new ground in what a security product can achieve. Aligned with this mission, we’re hiring a Senior Product Security Engineer to ensure our most innovative defenses make it into every release. These cutting-edge capabilities will keep our customers ahead in the fight against ransomware.

Key Responsibilities

• Endpoint Hardening & Testing
• Design and implement security test harnesses from scratch to simulate real-world ransomware behavior
• Develop and integrate fuzzers (libFuzzer, AFL/WinAFL, or custom tools) for automated crash and vulnerability discovery
• Build user-mode hooking instrumentation and explore EDR bypass techniques to exercise agent internals
• Vulnerability Research & Triage
• Triage, reproduce, and analyze security findings against our agent and libraries
• Perform root-cause analysis on crashes or logic flaws; build minimal PoC exploits or reproducer cases

• Platform Expertise

• Deep understanding of Windows internals (ring transitions, memory management, Win32 API) with focus on user-mode security hooks
• Collaborate on driver-level or API-level integrations when necessary (no kernel-driver dev required)
• Design and implement security test harnesses from scratch to simulate real-world ransomware behavior
• Develop and integrate fuzzers (libFuzzer, AFL/WinAFL, or custom tools) for automated crash and vulnerability discovery
• Build user-mode hooking instrumentation and explore EDR bypass techniques to exercise agent internals
• Triage, reproduce, and analyze security findings against our agent and libraries
• Perform root-cause analysis on crashes or logic flaws; build minimal PoC exploits or reproducer cases
• Deep understanding of Windows internals (ring transitions, memory management, Win32 API) with focus on user-mode security hooks
• Collaborate on driver-level or API-level integrations when necessary (no kernel-driver dev required)

Required Technical Skills

• 5+ years in product security or endpoint-focused consulting, with hands-on testing of Windows-based agents or EDR/AV products
• Experience building fuzzers or integrating existing fuzzing frameworks for native code
• Experience and capability in building automated test harnesses from the ground up
• Strong Windows OS internals knowledge, especially user-mode hooking and Win32 API behaviors
• Proficient in C/C++ and Python, with solid experience calling with Windows APIs
• Experience reviewing and validating security findings
• Comfortable researching and suggesting security features end-to-end and creating technical content

Bonus Technical Skills

• Rust development experience, particularly around FFI or unsafe code
• Published tooling or research in vulnerability discovery, fuzzing, and/or automated test frameworks
• Hands-on experience with CI platforms (GitHub Actions, Jenkins) to automate security workflows

Why Join Us?

• Play a critical role in developing cutting-edge ransomware protections and security features that will have a real-world impact.
• Work alongside highly skilled security researchers and engineering teams building next-generation security solutions.
• Have the opportunity to shape the process by which security innovations transition from research into real-world implementations.
• Be part of a company deeply committed to stopping ransomware and protecting customers.

Benefits:

• Comprehensive healthcare (medical, dental, and vision) with premiums paid in full for employees and dependents.
• 401k plan with a generous employer contribution.
• Short and long-term disability coverage, basic life, and AD&D insurance plans.
• Medical and dependent care FSA options.

• Flexible Pto Policy.

• Parental Leave.

• Generous Equity Offering.

The Company reserves the right to modify or change these benefits programs at any time, with or without notice.​

Base Salary Range: $155k-200k + 10% bonus + equity

In accordance with applicable state and federal laws, the range provided is Halcyon’s reasonable estimate of the base compensation for this role. The actual amount may differ based on non-discriminatory factors such as experience, knowledge, skills, abilities, and location. Base pay is one part of the total package that is provided to compensate and recognize employees for their work, and this role may be eligible for additional discretionary bonuses/incentives, and equity in the Company.

We understand it takes a diverse team of highly intelligent, passionate, curious, and creative people to develop the exceptional product we are building. Our dynamic team has incredible perspectives to share, just as we know you do, and we take great pride in being an equal opportunity employer.