At SentinelOne, we’re redefining cybersecurity by pushing the limits of what’s possible—leveraging AI-powered, data-driven innovation to stay ahead of tomorrow’s threats.
From building industry-leading products to cultivating an exceptional company culture, our core values guide everything we do. We’re looking for passionate individuals who thrive in collaborative environments and are eager to drive impact. If you’re excited about solving complex challenges in bold, innovative ways, we’d love to connect with you.
About the Role:
As an Incident Response (IR) Intern, you will play an important role in helping SentinelOne investigate and respond to real-world cybersecurity incidents. You’ll work closely with experienced security professionals, assist in threat investigations, and support the teams that help protect our customers from advanced cyber threats. We are hiring across our Security Operations team where you’ll gain exposure to DFIR workflows, tools, and techniques. If you're passionate about cybersecurity, investigative work, and want to contribute to protecting organizations from cyber attacks, we’d love to meet you.
What will you do?
Support the DFIR team in active incident response engagements and threat investigations
Learn to use the SentinelOne platform and digital forensics tools to collect and analyze evidence
Assist in gathering, documenting, and analyzing digital artifacts during security events
Shadow and participate in real-world investigations and customer communications
Collaborate with internal teams including Threat Intelligence, Detection Engineering, and IR
Contribute to documentation including reports, playbooks, and post-incident summaries
Assist in automation initiatives and tool evaluations to improve response workflows
Help support ad hoc DFIR-related tasks and projects as they arise
What skills and knowledge should you bring?
Must be currently enrolled in a full-time, degree-seeking program with an expected graduation date in 2026
Demonstrated interest in cybersecurity, digital forensics, or incident response
Ability to learn new tools and technology quickly and apply analytical thinking
Strong attention to detail and effective problem-solving skills
Enthusiastic, curious, and driven to learn in a fast-paced, team-oriented environment
Strong communication skills and a desire to contribute to meaningful work
Our Internship Program:
Our global internship program trains the next generation of cybersecurity talent across a range of specializations, from threat intelligence to information security, engineering, and marketing. Interns can learn about the network security industry from leading thinkers, grow their professional networks, and be part of a career-defining experience including:
1:1 mentorship
The opportunity to expand your knowledge and work on challenging projects
Training and development opportunities
Connections to other recent grads and employees across the company
Leadership speaker series with senior leadership and industry experts
Fun events!
Length of internship: 9-weeks (June 23–August 22, 2025)
Hours: Interns are expected to work full-time, 40 hours per week
This U.S. role has an hourly pay range that will vary based on the location of the candidate. For some locations, a different pay range may apply. If so, this range will be provided to you during the recruiting process. You can also reach out to the recruiter with any questions.
SentinelOne is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.
SentinelOne participates in the E-Verify Program for all U.S. based roles.
Similar Jobs
What We Do
SentinelOne is a leading provider of autonomous security solutions for endpoint, cloud, and identity environments. Founded in 2013 by a team of cybersecurity and defense experts, SentinelOne revolutionized endpoint protection with a new, AI-powered approach. Our platform unifies prevention, detection, response, remediation, and forensics in a single, easy-to-use solution.
Our endpoint security product is designed to protect your organization's endpoints from known and unknown threats, including malware, ransomware, and APTs. It uses artificial intelligence to continuously learn and adapt to new threats, providing real-time protection and automated response capabilities.
SentinelOne's approach to security is designed to help organizations secure their assets with speed and simplicity. We provide the ability to detect malicious behavior across multiple vectors, rapidly eliminate threats with fully-automated integrated response, and adapt their defenses against the most advanced cyberattacks.
We are recognized by Gartner in the Endpoint Protection Magic Quadrant as a Leader and have enterprise customers worldwide. Our customers include some of the world's largest companies in various industries such as finance, healthcare, government, and more.
At SentinelOne, we understand that cybersecurity is a constantly evolving field and that the threats facing organizations are becoming increasingly sophisticated. That's why we are committed to staying at the forefront of technology and innovation and providing our customers with the best protection against cyber threats.
We offer our customers a wide range of services, including threat hunting, incident response, and incident management. Our team of experts is available to assist you 24/7 and can help you respond to and manage cyber incidents quickly and effectively.
To learn more about our products and services, please visit our website at www.sentinelone.com or contact us to schedule a demo
Gallery



.png)





