[Hiring] Windows Detection Engineer/Malware Researcher - Senior/Staff @SentinelOne

Role Description

As a Senior/Staff Windows Detection Engineer, you will help shape the future of endpoint security through a unified, converged platform that automatically prevents, detects, and responds to threats in real time. You will design and develop advanced Windows detections by combining deep system process inspection, behavioral analysis, and innovative machine learning techniques to identify and stop sophisticated attacks before they cause harm.

You will join a growing team of passionate security experts and technical leaders who think differently, challenge assumptions, and constantly explore new ways to outsmart adversaries. In this role, you will hunt for emerging threats, solve complex security problems, and deliver high-impact detection capabilities with speed and precision.

What will you do?

• Responsible for detecting the newest malware and exploits based on SentinelOne’s Endpoint Protection platform.
• End-to-end responsibility for behavior-based detection capabilities, including:
  • Reversing samples
  • Designing new methods to detect or prevent threats
  • Implementing solutions in the product (SW development in C++23 and scripting in Lua)
• Developing and using internal research tools, PoCs, and discovering new ways to detect/prevent exploitation attacks (EoP, drive-by attacks, and more).
• Enhancing the security of dozens of millions of Windows endpoints protected by our platform.

Qualifications

• Highly desirable experience in developing behavioral detection for AV/EPP/EDR or similar cybersecurity products.
• Several years of experience in malware analysis (statically and dynamically) and a deep understanding of modern Windows attack TTPs.
• Excellent understanding of Windows Internals, including core system components (Process and Threads, Virtual Memory, etc.).
• Hands-on experience and strong command of programming in C++ (expected to ship production-level code).
• Proven experience with reverse engineering of x86/x64/ARM binaries.
• Experienced with analysis tools such as IDA, WinDBG, SysInternals, etc.
• An advantage would be kernel development experience, Python or similar scripting language experience, and/or understanding of existing AV/EDR internals.

Benefits

• Flexible working hours; this is a remote role based within Italy.
• IWG pass to major coworking chains.
• Relocation assistance available for candidates willing to relocate to the Czech Republic (must be eligible to work in the EU).
• Generous employee stock plan in the form of RSUs (restricted stock units); 4 years vesting with 1 year cliff and then quarterly, stock refresh yearly.
• Yearly bonus depending on the performance of the company, paid out in 2 installments.
• Global gender-neutral Parental Leave (16 weeks, beyond local laws) & Grandparent Leave.
• Volunteering paid day off & additional paid Company holidays off (e.g., 4 days in 2022).
• Global Employee Assistance Program (confidential counseling related to personal and work life matters).
• Udemy Business platform for Hard/Soft skills Training & Support for further educational activities/trainings.
• Above-standard referral bonus and additional country-specific benefits to Italy.