Windows Kernel Specialist

Job Description

Required Hard Skills (The "Must-Haves")

Expert C/C++: 3+ years of experience in strictly kernel-mode software development.

WinDbg Mastery: Ability to perform "post-mortem" debugging without symbols for third-party conflicts, and live kernel debugging using VMware/Hyper-V/KDNET. You must be comfortable analyzing stack traces, register states, and trap frames.

Windows Internal Knowledge: Deep understanding of:

IRQLs (Interrupt Request Levels) and DPC/Dispatcher mechanics.

Memory Management (Paged vs. Non-Paged pool, MDLs).

Synchronization primitives (Spinlocks, Mutexes, Pushlocks).

File System Filters: Proven experience with the Filter Manager Model (FltMgr) and Minifilter drivers (FltRegisterFilter, Pre/Post operation callbacks).

EDR/Security Driver Experience: Familiarity with:

ObCallbacks (ObRegisterCallbacks).

Process/Thread/Image Load Notify routines (PsSetCreateProcessNotifyRoutineEx, etc.).

Avoiding deadlocks when injecting logic into high-frequency system paths.

Preferred Skills (The "Nice-to-Haves")
Reverse Engineering: Proficiency with IDA Pro or Ghidra to analyze potential conflicts with third-party drivers (e.g., Antivirus conflicts causing the crash).

x64 Assembly: Ability to read disassembly to pinpoint the exact instruction causing the fault when source lines are ambiguous.

WHQL/WHCP: Experience with the Windows Hardware Compatibility Program signing process (in case the fix requires re-certification).

Job Responsibilities

Key Responsibilities
Crash Dump Analysis: Perform deep-dive analysis of kernel memory dumps (Minidumps and Complete Memory Dumps) to identify the root cause of the crash (e.g., race conditions, stack overflows, invalid memory access, IRQL violations).

Reproduction & Isolation: Design stress tests and verification procedures to reliably reproduce the BSOD in a controlled environment using tools like Driver Verifier and specific load-testing scripts.

Code Review & Remediation: Audit the existing C/C++ driver code (specifically Minifilter callbacks and process notification routines) for thread safety, proper lock usage (Spinlocks/ERESOURCE), and memory handling.

Patch Implementation: Implement robust fixes for the identified issues, ensuring zero regression in driver performance or security efficacy.

Validation: Verify fixes using Microsoft Driver Verifier and HLK (Hardware Lab Kit) basics to ensure stability under high stress.

Department/Project Description

We are an endpoint security company looking for an expert-level Windows Kernel Driver Specialist to assist our engineering team in resolving a critical stability issue. Our Endpoint Detection and Response (EDR) agent is currently experiencing sporadic Blue Screen of Death (BSOD) crashes in the field.

We need an experienced debugger - someone who lives in WinDbg, understands the Windows Memory Manager inside out, and has specific experience improving the stability of file system minifilters and callback-heavy security drivers.

Skill Category

C++

Keyskills - Must Have

  • C
  • C++
  • Kernel
  • VMware
  • Hyper-V
  • Windows Programming

Required skills experience

C/C++ 4 years
Kernel-mode drivers 4 years

Required languages

English B2 - Upper Intermediate
C/C++, Windows kernel, Kernel, VMware, Windows Internals, Windows programming
Published 22 January