Skip to content
Cameron Babcock Cameron Babcock
Cameron Babcock

Technical writing, research notes, and selected experience.

Staff engineer building modern Windows endpoint security systems.

Staff software engineer with more than a decade of experience across Windows kernel development, endpoint detection, CNO tooling, malware development, vulnerability research, and agentic AI workflows.

Featured Security Work

Selected Experience

2025 - Present

IRU

Staff Engineer

Leading the development of a greenfield EDR product, focusing on the Windows Agent and Driver components.

  • Architecting a greenfield Windows kernel-mode telemetry driver designed for low-overhead endpoint visibility at production scale.
  • Developing the user-mode agent component in modern C++ for resilient threat detection.
  • Implementing agentic AI workflows to accelerate driver validation and EDR feature development.
  • Establishing foundational engineering and testing paradigms for the new platform.

2022 - Present

Real American Security

Founder / Software Engineer

Independent consultancy and product development focusing on DoD consulting, C++ obfuscation research (ObfTypes), and building a scalable video game analytics platform.

  • Built production backend APIs and data-intensive web services in Python and .NET for analytics-driven applications.
  • Designed scalable data infrastructure with ClickHouse, Redis, and PostgreSQL to support high-volume ingestion, low-latency access, and large-scale analytical querying.
  • Developed data pipelines and backend workflows powering user-facing analytics and application features, with end-to-end ownership across architecture, implementation, deployment, and iteration.

2024 - 2026

Sophos / SecureWorks

Principal Software Engineer

Leading Windows agent and EDR platform work across kernel and user mode, with a focus on exploit-aware telemetry, defensive hardening, and practical platform modernization.

  • Architected enterprise EDR capabilities across kernel and user mode
  • Established AI-assisted workflows and engineering standards across a large legacy codebase
  • Built crash-dump and behavioral-analysis utilities for production defense

2022 - 2024

Raytheon Cyber

Senior CNO Software Engineer

Developed advanced CNO tooling and led research into evasion, anti-analysis, and validation infrastructure across multiple operating systems.

  • Built implants, loaders, and supporting command-and-control infrastructure
  • Researched hypervisor-based and hardware-assisted evasion techniques
  • Introduced automated testing and CI patterns inside constrained environments

2020 - 2022

National Security Agency

Software Engineer / Systems Vulnerability Analyst

Worked across red- and blue-team assessments, supply-chain research, vulnerability analysis, and technical reporting for senior stakeholders.

  • Contributed to work referenced in senior-level cyber policy discussions
  • Researched SolarWinds-class attack paths and defensive replication strategies
  • Performed reverse engineering, application security audits, and tool evaluation

Technical Writing

View All