What are we looking for?

Join SetinelOne’s elite professional services division by becoming part of our proactive threat hunting program. Our Threat Hunters serve our clients by utilizing the SentinelOne platform to identify potential malware, malicious behavior, insider threats, and security hygiene issues that exist within client environments.

The Hunters’ goal is to identify threats, disrupt attacks prior to further damage occurring within a client environment, and advise for remediation as well as long-term security posture improvement. Incumbent will be responsible for identifying attack trends and threat intelligence by harvesting threat data generated by several million endpoints from across the globe.

This is an exciting opportunity to join a growing team of industry renowned experts dedicated to providing the highest level of security service to our clients.  

What will you do?

• Conduct proactive threat hunting services for SentinelOne clients
• Build, evolve, and expand hunting tooling, techniques and use-cases
• Integrate relevant threat intelligence and dark web data into hunting operations
• Advise engineering team on platform enhancements to further enable rapid and effective threat hunting
• Work closely with clients to remediate threats and improve long-term security posture

What experience or knowledge should you bring?

• 10-15+ years experience in security engineering, SOC operations, system administration, or other cyber security relevant roles
• 5+ years experience in digital forensic investigations, penetration testing, red teaming, threat intelligence, network threat hunting, or malware analysis
• 2+ years experience in threat hunting via endpoint focused threat hunting
• 3+ years Python scripting experience, including:
• API integration
• DB integration
• data manipulation 
• Multiprocessing   
• Working knowledge of git
• Experience with working under Scrum regime
• Ability to create code with the best Python practices
• Ability to work with large datasets to get valuable and vital information
• Strong understanding of common malware activity on endpoints
• Knowledge of MITRE ATT&CK framework and known APT group activity
• Operating system internals knowledge (Windows, Linux, OSX)
• Experience utilizing EDR technologies
• Experience with working with Cyber threat Intelligence tools and data
• Knowledge of OSINT tools and techniques

Why us?

You will work on real-world problems and make an impact by protecting our customers from cyber threats through influencing the architecture, design and structure of our core platform. You will tackle extraordinary challenges and work with the very BEST in the industry.