Senior Software Engineer, Endpoint Privilege Manager (EPM)

Senior Software Engineer, Endpoint Privilege Manager (EPM)Remote, USOverviewKeeper Security is hiring a Senior Software Engineer to help build and scale our Endpoint Privilege Manager (KEPM/EPM) solution, enabling organizations to enforce least-privilege access and secure privilege elevation across endpoints. This is a 100% remote position, with an opportunity to work a hybrid schedule for candidates based in the Chicago, IL or El Dorado Hills, CA metro areas.Keeper’s cybersecurity software is trusted by millions of people and thousands of organizations globally. Keeper is published in 23 languages and is sold in over 150 countries. Join one of the fastest-growing cybersecurity companies and help deliver enterprise-grade endpoint privilege controls that reduce attack surface, prevent misuse of admin rights, and support audit and compliance requirements.About the RoleAs a Senior Software Engineer on the KEPM/EPM team, you will remain hands-on building core endpoint privilege capabilities from agent behavior and policy enforcement to elevation workflows, auditing, and integrations that support enterprise IT and MSP environments. You’ll work closely with Product and QA Automation to deliver features end-to-end, with a strong focus on secure systems engineering, reliability, and testability across Windows, macOS, and/or Linux.ResponsibilitiesDesign, build, and maintain core KEPM/EPM capabilities, including policy evaluation, privilege enforcement, elevation workflows, and audit loggingDevelop and harden endpoint agent components (services/daemons, installers/updaters, local policy caching, secure IPC) with a focus on security, reliability, and performanceImplement platform integrations and management-plane capabilities (APIs, admin workflows, telemetry) to support enterprise deployment, monitoring, and troubleshootingPartner with Product to review technical approaches, break down epics, and deliver incremental value through well-scoped releasesCollaborate with QA Automation to expand test coverage (unit, integration, end-to-end), improve CI reliability, and build testable interfaces into agent and service componentsParticipate in security reviews and threat modeling; remediate vulnerabilities and improve tamper resistance and abuse preventionImprove observability and diagnosability across components (structured logging, metrics, crash reporting, debug tooling)Participate in on-call and incident response as needed; contribute to postmortems and prevention measuresRequirements5+ years of professional software engineering experience delivering production softwareProficiency in one or more systems/backend languages such as C/C++, Rust, Go, C#/.NET, or Java, with the ability to work across a multi-language codebaseExperience building system-level software (endpoint agents, desktop applications, services/daemons, security tooling, or device management components)Strong understanding of OS security concepts and privilege models (least privilege, process execution, access control, secure update/signing patterns)Experience debugging and optimizing complex software (concurrency, performance profiling, memory/threading issues)Experience building automated tests and working in CI/CD environments; strong engineering hygiene around code review, testing, and documentationStrong communication skills and ability to partner cross-functionally with Product, QA, and SecurityPreferred QualificationsExperience with endpoint privilege management, EDR/EPP, device management, or identity/security productsDeep expertise in at least one endpoint OS ecosystem (Windows, macOS, or Linux) and its privilege/security model (services/daemons, elevation flows, packaging, and code signing)Experience designing policy engines (rules evaluation, precedence, auditability, and explainability)Familiarity with enterprise identity and integrations (SAML, OIDC, SCIM) and/or IT admin tooling and workflows (RMM/PSA, scripting, software deployment)Exposure to secure SDLC practices and compliance-minded engineering (e.g., SOC 2, FedRAMP, NIST)Benefits and DiversityMedical, Dental & Vision (inclusive of domestic partnerships)Employer Paid Life Insurance & Employee/Spouse/Child Supplemental LifeVoluntary Short/Long Term Disability Insurance401K (Roth/Traditional)A generous PTO plan that celebrates your commitment and seniority (including paid Bereavement/Jury Duty, etc.)Above-market annual bonusesKeeper Security, Inc. is an equal opportunity employer and participant in the U.S. Federal E-Verify program. We celebrate diversity and are committed to creating an inclusive environment for all employees.Classification: Exempt #J-18808-Ljbffr