Sr. Director, Global Threat Hunting

What are we looking for?

SentinelOne is seeking a threat hunting leader with proven experience developing programs, running concurrent intrusion events, and operating at company scale.  This role is a critical component for SentinelOne’s ability to identify intrusion gaps, deploy emerging detections, work across teams in stressful environments, and continually improve our detection through response cycle.  This leader will rapidly develop processes, test and field different technologies, and convert ad hoc efforts to established workflows.  You will act as the cornerstone for the most important work done at SentinelOne–ensuring our clients are protected.

What will you do? 

• Lead a team of threat hunters in designing and implementing an intelligence-driven threat hunting effort while working with different teams, to include DFIR, MDR, Intelligence, and Detection Engineering.
• Regularly identify, research, and refine emerging intrusion techniques to develop specific hunting content and work with various teams to convert these efforts to product-grade detections.
• Provide technical leadership and experience to improve SentinelOne’s ability to identify, detect, and respond to intrusion activity in both single-victim and large-scale victim situations.
• Convert technical actions to executive-ready communications enabling rapid decisionmaking across SentinelOne.
• Work with engineering and tooling teams in a continual refinement and development cycle for internal capabilities.

What skills and knowledge should you bring?

• Prefer 15+ years of progressive professional experience (or equivalent combination of experience, certifications, and education), including multiple recent years of dedicated threat hunting organizational leadership in an enterprise or global environment.
• Demonstrated ability to lead multiple functions through an ongoing intrusion discovery event affecting multiple victims simultaneously.
• Experience developing, deploying, refining, and making implementation decisions for a wide variety of hunting and detection logic.
• Proven experience with forensic tools/platforms, threat hunting tools, query languages, and related technologies.
• Ability to develop manual processes and transition to automated workflows.
• Provide recommendations and associated prioritization for capability adjustment involving both external vendors and internal development.
• Possess in-depth knowledge in intrusion attack surface knowledge for a variety of areas, to include EDR, cloud, and identity.

Why us? 

You will be joining a cutting-edge company where you will tackle extraordinary challenges and work with the very best in the industry.

• Medical, Vision, Dental, 401(k), Commuter, Health and Dependent FSA
• Unlimited PTO
• Industry-leading gender-neutral parental leave
• Paid Company Holidays
• Paid Sick Time
• Employee stock purchase program
• Disability and life insurance
• Employee assistance program
• Gym membership reimbursement
• Cell phone reimbursement
• Ad-hoc travel for company-sponsored events and team-building events