Staff Windows Detection Engineer

Описание вакансии

Our Purpose

At SentinelOne, we are driven by a clear purpose: to give the advantage to those who secure our future. As AI reshapes how organizations build, operate, and innovate, the responsibility to protect them becomes more critical than ever. When you join SentinelOne, your work helps protect global enterprises, critical infrastructure, and the technologies shaping tomorrow. If you are motivated by meaningful challenges and want your impact to be real, measurable, and global, you will find purpose here.

About Us

SentinelOne is a company at the intersection of AI and security, pioneering a new operating model for cybersecurity. Our AI-native platform unifies protection across endpoint, cloud, identity, data, and AI systems to deliver autonomous detection and response with clarity and speed. By combining real-time analytics, intelligent automation, and a unified data foundation, we reduce noise, simplify complexity, and empower security teams to focus on what truly matters.

Our teams are builders, problem-solvers, and innovators committed to shaping the future of security. If you are excited to solve hard problems alongside talented, mission-driven people, we invite you to help us build a safer future for humanity.

What Are We Looking For?

We’re looking for people who are relentlessly curious and committed to continuous learning. AI is reshaping every function across our business, and we enable every team member, regardless of role or level, to build fluency in AI tools and concepts. Those who thrive here actively seek out new solutions, experiment thoughtfully, and apply what they learn to drive better, faster, smarter outcomes.

As a Staff Windows Detection Engineer, you will research and detect the latest malware and exploits on the SentinelOne EPP platform. You will reverse-engineer samples to design and implement robust detection methods that prevent sophisticated attacks. Additionally, you will develop custom research tools and PoCs to strengthen protection across millions of endpoints.

Why us?

Because you will meet extraordinary challenges facing the newest attacks and tech obstacles and overcoming them.

You will work with the very BEST in the industry in a flexible and independent environment.

You will influence the design of a disruptive product that will shape the security industry of tomorrow.

What will you do?

You will be responsible for detecting the newest malware and exploits based on SentinelOne’s EPP platform. The role includes an end to end responsibility for behaviour based detection capabilities, starting from reversing the samples, designing new methods to detect or prevent those, and implementing it in the product in the end. You will be developing and using internal research tools, PoCs and discovering new ways to detect/prevent exploitation attacks (EoP, drive-by attacks and more). At the end of the day, your deliveries will enhance the security of dozens of millions of Windows endpoints which are protected by our platform.

What experience or knowledge should you bring?

• Excellent understanding of the Windows Internals - understanding how core system components (Process and Threads, Virtual Memory and more) work behind the scenes.
• 3+ years of experience in malware analysis (statically and dynamically)
• 3+ years of experience with C++
• Proven experience with reverse engineering of x86/x64/ARM binaries.
• Experienced with analysis tools, such as: IDA, WinDBG, SysInternals etc.
• Kernel development experience  - advantage
• Python experience - advantage
• Advanced C++ - advantage
• Understanding of existing AVs internals - advantage.

SentinelOne is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.

SentinelOne participates in the E-Verify Program for all U.S. based roles.