Senior Software Engineer, Endpoint Privilege Manager (EPM)

Keeper Security

7d•Remote

About The Position

Keeper Security is hiring a Senior Software Engineer to help build and scale our Endpoint Privilege Manager (KEPM/EPM) solution, enabling organizations to enforce least-privilege access and secure privilege elevation across endpoints. This is a 100% remote position, with an opportunity to work a hybrid schedule for candidates based in the Chicago, IL or El Dorado Hills, CA metro areas. Keeper’s cybersecurity software is trusted by millions of people and thousands of organizations globally. Keeper is published in 23 languages and is sold in over 150 countries. Join one of the fastest-growing cybersecurity companies and help deliver enterprise-grade endpoint privilege controls that reduce attack surface, prevent misuse of admin rights, and support audit and compliance requirements. About Keeper Keeper Security is one of the fastest-growing cybersecurity software companies that protects thousands of organizations and millions of people in over 150 countries. Keeper is a pioneer of zero-knowledge and zero-trust security built for any IT environment. Its core offering, KeeperPAM®, is an AI-enabled, cloud-native platform that protects all users, devices and infrastructure from cyber attacks. Recognized for its innovation in the Gartner Magic Quadrant for Privileged Access Management (PAM), Keeper secures passwords and passkeys, infrastructure secrets, remote connections and endpoints with role-based enforcement policies, least privilege and just-in-time access. Learn why Keeper is trusted by leading organizations to defend against modern adversaries at KeeperSecurity.com. About the Role As a Senior Software Engineer on the KEPM/EPM team, you will remain hands-on building core endpoint privilege capabilities from agent behavior and policy enforcement to elevation workflows, auditing, and integrations that support enterprise IT and MSP environments. You’ll work closely with Product and QA Automation to deliver features end-to-end, with a strong focus on secure systems engineering, reliability, and testability across Windows, macOS, and/or Linux.

Requirements

5+ years of professional software engineering experience delivering production software
Proficiency in one or more systems/backend languages such as C/C++, Rust, Go, C#/.NET, or Java, with the ability to work across a multi-language codebase
Experience building system-level software (endpoint agents, desktop applications, services/daemons, security tooling, or device management components)
Strong understanding of OS security concepts and privilege models (least privilege, process execution, access control, secure update/signing patterns)
Experience debugging and optimizing complex software (concurrency, performance profiling, memory/threading issues)
Experience building automated tests and working in CI/CD environments; strong engineering hygiene around code review, testing, and documentation
Strong communication skills and ability to partner cross-functionally with Product, QA, and Security

Nice To Haves

Experience with endpoint privilege management, EDR/EPP, device management, or identity/security products
Deep expertise in at least one endpoint OS ecosystem (Windows, macOS, or Linux) and its privilege/security model (services/daemons, elevation flows, packaging, and code signing)
Experience designing policy engines (rules evaluation, precedence, auditability, and explainability)
Familiarity with enterprise identity and integrations (SAML, OIDC, SCIM) and/or IT admin tooling and workflows (RMM/PSA, scripting, software deployment)
Exposure to secure SDLC practices and compliance-minded engineering (e.g., SOC 2, FedRAMP, NIST)

Responsibilities

Design, build, and maintain core KEPM/EPM capabilities, including policy evaluation, privilege enforcement, elevation workflows, and audit logging
Develop and harden endpoint agent components (services/daemons, installers/updaters, local policy caching, secure IPC) with a focus on security, reliability, and performance
Implement platform integrations and management-plane capabilities (APIs, admin workflows, telemetry) to support enterprise deployment, monitoring, and troubleshooting
Partner with Product to review technical approaches, break down epics, and deliver incremental value through well-scoped releases
Collaborate with QA Automation to expand test coverage (unit, integration, end-to-end), improve CI reliability, and build testable interfaces into agent and service components
Participate in security reviews and threat modeling; remediate vulnerabilities and improve tamper resistance and abuse prevention
Improve observability and diagnosability across components (structured logging, metrics, crash reporting, debug tooling)
Participate in on-call and incident response as needed; contribute to postmortems and prevention measures

Benefits

Medical, Dental & Vision (inclusive of domestic partnerships)
Employer Paid Life Insurance & Employee/Spouse/Child Supplemental Life
Voluntary Short/Long Term Disability Insurance
401K (Roth/Traditional)
A generous PTO plan that celebrates your commitment and seniority (including paid Bereavement/Jury Duty, etc.)
Above-market annual bonuses

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume