Endpoint Engineer Linux

Nightfall AI


Job Location:

Bengaluru - India

Monthly Salary: Not Disclosed
Posted on: 16 hours ago
Vacancies: 1 Vacancy

Job Summary

About Nightfall:

Nightfall is the AI-native unified data loss prevention and insider risk management platform that protects sensitive data across SaaS apps GenAI tools email endpoint devices and more. Hundreds of customers spanning AI innovators to top 10 banks trust Nightfall to detect and stop data exfiltration at scale. Nightfall enables organizations to innovate freely without the risks of losing intellectual property or exposing customer data. Our agentic platform helps security teams regain their time by putting data loss prevention on autopilot. With automatic remediation security violations can be resolved automatically before they become incidents and end-users can be automatically trained and coached in the moment to self-heal violations that they introduce.

Nightfall is backed by leading VC firms including Bain Capital Ventures (Enrique Salem - former CEO of Symantec) Venrock (early investors in Cloudflare) WestBridge Capital Pear VC (early investors in Dropbox and Doordash) and a cadre of cybersecurity leaders including Frederic Kerrest (founder of Okta) Maynard Webb (former COO of eBay) Ryan Carlson (President of Chainguard) Kevin Mandia (founder of Mandiant) and many others.

About the role:

Nightfall is expanding its endpoint Data Loss Prevention (DLP) coverage to Linux and we are looking for a seasoned Endpoint Engineer to lead this effort. You will be at the ground level of building Linux agent capabilities from the ground up working alongside our existing Mac and Windows endpoint teams.

As an Endpoint Engineer (Linux) at Nightfall you will design build and maintain a production-grade AI-native DLP agent for Linux - covering kernel-level event interception userspace policy enforcement and enterprise deployment. This role requires deep Linux systems expertise and the drive to own a strategic new platform for the company.

Responsibilities

  • Design and develop data exfiltration prevention applications kernel modules system services and agents on Linux.

  • Build and maintain mission-critical endpoint agents that monitor and enforce DLP policies across Linux distributions (Ubuntu RHEL/CentOS and others).

  • Implement kernel-level event interception using eBPF LSM hooks netfilter fanotify or similar mechanisms to monitor file network and clipboard activity.

  • Develop userspace components that integrate with kernel subsystems and enforce policy decisions in real time.

  • Collaborate closely with the Mac and Windows endpoint teams to align on cross-platform agent architecture shared policy models and consistent DLP behaviors.

  • Own complex features from design to delivery - including scoping implementation testing and customer-facing documentation.

  • Diagnose and resolve deep systems-level issues including kernel panics race conditions file descriptor leaks and IPC failures.

  • Ensure agent reliability upgrade safety and minimal performance footprint on target Linux environments.

  • Write and maintain documentation covering internal architecture public APIs and deployment guides for enterprise customers.

Requirements

  • Expertise in C/C for Linux systems development; familiarity with Go is a strong plus.

  • Demonstrable experience building production agents or system-level software on Linux.

  • Deep hands-on experience with one or more Linux kernel subsystems relevant to security and monitoring:

  • Practical knowledge of eBPF (including BPF CO-RE libbpf and BCC) for tracing network filtering and security enforcement.

  • Experience with Linux Security Modules (LSM) - SELinux AppArmor or custom LSM hooks.

  • Working knowledge of fanotify inotify netlink and procfs for system activity monitoring.

  • Familiarity with Linux namespaces cgroups and container runtimes (Docker containerd) in enterprise deployments.

  • Experience with kernel-level debugging using tools such as ftrace perf crash SystemTap or GDB with KGDB.

  • Ability to use reverse engineering and binary analysis techniques when debugging kernel space code.

  • Familiarity with enterprise Linux deployment environments - MDM tools.

  • Ability to decompose complex business problems and own them end to end across teams.

  • Minimum 5 years of related systems/endpoint engineering experience.

Nice to Have

  • Prior experience building DLP EDR or endpoint security products on Linux.

  • Contributions to open-source Linux kernel or eBPF ecosystem projects.

  • Experience with FUSE (Filesystem in Userspace) or overlayfs for file activity interception.

  • Knowledge of Linux audit subsystem (auditd) and its integration with SIEM tooling.

  • Experience developing or integrating with XDR/EDR platforms (CrowdStrike SentinelOne or similar).

  • Familiarity with clipboard and X11/Wayland display server internals for content inspection.

  • Background in Go for high-performance agent components.

Environment

Nightfall AI takes pride in being an equal-opportunity employer. We value a diverse and global talent pool and the collaboration that results from having a diverse and inclusive team. All applicants will be considered for employment without attention to race color religion sex sexual orientation gender identity national origin veteran or disability status. Our hiring decisions are based exclusively on merit qualifications and business needs.

Compensation

Employee compensation will be determined based on interview performance level of experience specialization of skills and market rate. During the offer discussion your recruiter will review the finalized base salary bonus (for applicable roles) benefits & perks and stock options as theyll be reflected in the offer letter.


Required Experience:

IC

About Nightfall:Nightfall is the AI-native unified data loss prevention and insider risk management platform that protects sensitive data across SaaS apps GenAI tools email endpoint devices and more. Hundreds of customers spanning AI innovators to top 10 banks trust Nightfall to detect and stop data...

About Company

Company Logo

Nightfall uses AI to protect sensitive data like secrets and PII where today’s end-users work: across Gen AI apps, SaaS, email, and device. Data loss protection for the AI era.

View Profile View Profile