Senior Malware Researcher/Detection Engineer - Linux/Cloud Security

Senior Malware Researcher / Detection Engineer - Linux / Cloud Security

At SentinelOne, we’re redefining cybersecurity by pushing the limits of what’s possible—leveraging AI-powered, data-driven innovation to stay ahead of tomorrow’s threats.

From building industry-leading products to cultivating an exceptional company culture, our core values guide everything we do. We’re looking for passionate individuals who thrive in collaborative environments and are eager to drive impact. If you’re excited about solving complex challenges in bold, innovative ways, we’d love to connect with you.

What are we looking for?

We are seeking a talented malware researcher / detection engineer with experience in Linux and / or cloud security. Candidates should be capable of exploring new technologies, designing and developing innovative ideas from scratch, and driving new detection capabilities and infrastructure at scale for our products.

What will you do?

• Detect the latest malware and exploits using SentinelOne’s AI-powered Endpoint platform (EPP / EDR).
• Take end-to-end responsibility for behavior-based detection capabilities, including reversing samples, designing new detection / prevention methods, and integrating solutions into the product with engineering teams.
• Develop and utilize internal research tools, proof-of-concepts, and discover new ways to detect and prevent malicious techniques.

Your work will enhance the security of numerous Linux endpoints and cloud workloads protected by our products, serving thousands of enterprise and public sector clients worldwide, processing billions of events daily.

You will also have opportunities to write white papers, blogs, and articles if desired.

• Write tests for new detections
• Conduct low-level security research
• Participate in peer code reviews and design discussions
• Learn new Linux and cloud security technologies
• Support customers with issues within your domain

What skills & knowledge should you bring?

• Experience with reverse engineering x86 / x64 binaries
• Malware analysis skills (static and dynamic)
• Understanding of Linux and container threat landscapes (including MITRE IaaS frameworks)
• Proficiency in Linux OS internals and architecture
• Scripting skills in Python, Lua, or similar
• Solid knowledge of C++
• Additional advantages include :
• Understanding of Anti-Virus / Endpoint Protection internals
• Experience with eBPF (more info at SentinelOne)
• Experience with cloud workloads (EKS, ECS, Fargate, etc.)
• Experience working on large-scale, production-grade products

Why us?

Join us to face extraordinary challenges posed by emerging attacks and technological hurdles. Work with industry-leading experts in a flexible, independent environment and influence the design of disruptive security products shaping the industry of tomorrow.

What we offer you

• Flexible working hours; this is a 100% remote role within Italy. We consider candidates already eligible to work in the EU or willing to relocate to the Czech Republic with assistance.
• Generous employee stock plan (RSUs) with 4-year vesting and 1-year cliff
• Yearly performance-based bonus paid in two installments
• Comprehensive benefits : private medical, life and accident insurance, study funds, healthcare
• Up to 30 paid days off annually
• Global gender-neutral parental leave (16 weeks) and grandparent leave
• Paid volunteering days and additional company holidays
• Employee assistance program and educational support via Udemy
• Additional country-specific benefits for Italy

SentinelOne is an Equal Opportunity Employer and participates in E-Verify for U.S. roles. We do not discriminate based on protected characteristics.

J-18808-Ljbffr