About this role
Our Purpose
At SentinelOne, we are driven by a clear purpose: to give the advantage to those who secure our future. As AI reshapes how organizations build, operate, and innovate, the responsibility to protect them becomes more critical than ever. When you join SentinelOne, your work helps protect global enterprises, critical infrastructure, and the technologies shaping tomorrow. If you are motivated by meaningful challenges and want your impact to be real, measurable, and global, you will find purpose here.
About Us
SentinelOne is a company at the intersection of AI and security, pioneering a new operating model for cybersecurity. Our AI-native platform unifies protection across endpoint, cloud, identity, data, and AI systems to deliver autonomous detection and response with clarity and speed. By combining real-time analytics, intelligent automation, and a unified data foundation, we reduce noise, simplify complexity, and empower security teams to focus on what truly matters.
Our teams are builders, problem-solvers, and innovators committed to shaping the future of security. If you are excited to solve hard problems alongside talented, mission-driven people, we invite you to help us build a safer future for humanity.
What Are We Looking For?
We’re looking for people who are relentlessly curious and committed to continuous learning. AI is reshaping every function across our business, and we enable every team member, regardless of role or level, to build fluency in AI tools and concepts. Those who thrive here actively seek out new solutions, experiment thoughtfully, and apply what they learn to drive better, faster, smarter outcomes. As a Senior Windows Malware Researcher / Detection Engineer you will be tasked with helping shaping the future of endpoint security through a unified, converged platform that automatically prevents, detects, and responds to threats in real time. You will design and develop advanced Windows detections by combining deep system process inspection, behavioral analysis, and innovative machine learning techniques to identify and stop sophisticated attacks before they cause harm.
You will join a growing team of passionate security experts and technical leaders who think differently, challenge assumptions, and constantly explore new ways to outsmart adversaries. In this role, you will hunt for emerging threats, solve complex security problems, and deliver high-impact detection capabilities with speed and precision.
What Will You Do?
Primary responsibilities include :
• You will be responsible for detecting the newest malware and exploits based on SentinelOne’s Endpoint Protection platform. Your role won’t end with a hypothesis or a document - you’ll have an end to end responsibility for behaviour-based detection capabilities, starting from reversing the samples, designing new methods to detect or prevent those, and implementing it in the product in the end (SW development in C++23 and scripting in Lua).
• You will be developing and using internal research tools, PoCs and discovering new ways to detect/prevent exploitation attacks (EoP, drive-by attacks and more).
• At the end of the day, your deliveries will enhance the security of dozens of millions of Windows endpoints which are protected by our platform.
• You will also be encouraged to write white papers, blogs, and articles (but only if you wish to).
• you will meet extraordinary challenges facing the newest attacks and tech obstacles and overcoming them. You will work with the very BEST in the industry in a flexible and independent environment. You will influence the design of a disruptive product that will shape the security industry of tomorrow.
What Skills and Knowledge Will You Bring?
Ideal candidates will have:
• Excellent understanding of the Windows Internals - understanding how core system components (Process and Threads, Virtual Memory and more) work behind the scenes
• Detection engineering: creating behavioral sensors and heuristics / logics
• Several years of experience with C++
• Proven experience with reverse engineering & malware analysis of x86/x64/ARM binaries (both statically and dynamically)
• Experienced with analysis tools, such as: IDA, WinDBG, SysInternals etc.
• An advantage would be - kernel development experience, Python experience, and/or understanding of existing EDR / AV internals
Why SentinelOne?
AI is redefining how the world operates and rewriting the rules of security in real time, and SentinelOne was built for this moment. From day one, we architected an AI-native platform designed to operate at machine speed, not as an add-on to legacy systems but as the foundation itself. If you want to build where innovation and impact move together, this is that place.
We invest in our Sentinels with comprehensive, competitive benefits designed to support you and your family:
Equity & Rewards
• Restricted Stock Units (RSUs)
• Employee Stock Purchase Plan (ESPP)
Time Off & Wellbeing
• Competitive leave benefits
• Gender-neutral parental leave
• Employee Assistant Program
• Workout sessions and a Wellness App
Insurance & Financial Security
• Medical and insurance benefits
• Pension
• Employee Assistance Program (EAP)
Work Perks & Flexibility
• Global home office allowance
• Mobile phone reimbursement
SentinelOne is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.
SentinelOne participates in the E-Verify Program for all U.S. based roles.
At SentinelOne, we are driven by a clear purpose: to give the advantage to those who secure our future. As AI reshapes how organizations build, operate, and innovate, the responsibility to protect them becomes more critical than ever. When you join SentinelOne, your work helps protect global enterprises, critical infrastructure, and the technologies shaping tomorrow. If you are motivated by meaningful challenges and want your impact to be real, measurable, and global, you will find purpose here.
About Us
SentinelOne is a company at the intersection of AI and security, pioneering a new operating model for cybersecurity. Our AI-native platform unifies protection across endpoint, cloud, identity, data, and AI systems to deliver autonomous detection and response with clarity and speed. By combining real-time analytics, intelligent automation, and a unified data foundation, we reduce noise, simplify complexity, and empower security teams to focus on what truly matters.
Our teams are builders, problem-solvers, and innovators committed to shaping the future of security. If you are excited to solve hard problems alongside talented, mission-driven people, we invite you to help us build a safer future for humanity.
What Are We Looking For?
We’re looking for people who are relentlessly curious and committed to continuous learning. AI is reshaping every function across our business, and we enable every team member, regardless of role or level, to build fluency in AI tools and concepts. Those who thrive here actively seek out new solutions, experiment thoughtfully, and apply what they learn to drive better, faster, smarter outcomes. As a Senior Windows Malware Researcher / Detection Engineer you will be tasked with helping shaping the future of endpoint security through a unified, converged platform that automatically prevents, detects, and responds to threats in real time. You will design and develop advanced Windows detections by combining deep system process inspection, behavioral analysis, and innovative machine learning techniques to identify and stop sophisticated attacks before they cause harm.
You will join a growing team of passionate security experts and technical leaders who think differently, challenge assumptions, and constantly explore new ways to outsmart adversaries. In this role, you will hunt for emerging threats, solve complex security problems, and deliver high-impact detection capabilities with speed and precision.
What Will You Do?
Primary responsibilities include :
• You will be responsible for detecting the newest malware and exploits based on SentinelOne’s Endpoint Protection platform. Your role won’t end with a hypothesis or a document - you’ll have an end to end responsibility for behaviour-based detection capabilities, starting from reversing the samples, designing new methods to detect or prevent those, and implementing it in the product in the end (SW development in C++23 and scripting in Lua).
• You will be developing and using internal research tools, PoCs and discovering new ways to detect/prevent exploitation attacks (EoP, drive-by attacks and more).
• At the end of the day, your deliveries will enhance the security of dozens of millions of Windows endpoints which are protected by our platform.
• You will also be encouraged to write white papers, blogs, and articles (but only if you wish to).
• you will meet extraordinary challenges facing the newest attacks and tech obstacles and overcoming them. You will work with the very BEST in the industry in a flexible and independent environment. You will influence the design of a disruptive product that will shape the security industry of tomorrow.
What Skills and Knowledge Will You Bring?
Ideal candidates will have:
• Excellent understanding of the Windows Internals - understanding how core system components (Process and Threads, Virtual Memory and more) work behind the scenes
• Detection engineering: creating behavioral sensors and heuristics / logics
• Several years of experience with C++
• Proven experience with reverse engineering & malware analysis of x86/x64/ARM binaries (both statically and dynamically)
• Experienced with analysis tools, such as: IDA, WinDBG, SysInternals etc.
• An advantage would be - kernel development experience, Python experience, and/or understanding of existing EDR / AV internals
Why SentinelOne?
AI is redefining how the world operates and rewriting the rules of security in real time, and SentinelOne was built for this moment. From day one, we architected an AI-native platform designed to operate at machine speed, not as an add-on to legacy systems but as the foundation itself. If you want to build where innovation and impact move together, this is that place.
We invest in our Sentinels with comprehensive, competitive benefits designed to support you and your family:
Equity & Rewards
• Restricted Stock Units (RSUs)
• Employee Stock Purchase Plan (ESPP)
Time Off & Wellbeing
• Competitive leave benefits
• Gender-neutral parental leave
• Employee Assistant Program
• Workout sessions and a Wellness App
Insurance & Financial Security
• Medical and insurance benefits
• Pension
• Employee Assistance Program (EAP)
Work Perks & Flexibility
• Global home office allowance
• Mobile phone reimbursement
SentinelOne is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.
SentinelOne participates in the E-Verify Program for all U.S. based roles.
Tech stack
PythonC++
About SentinelOne
SentinelOne is hiring for the senior windows malware researcher / detection engineer role. NewJob aggregates active openings directly from SentinelOne's applicant tracking system, so this listing is current.
More jobs at SentinelOne →