Malware Researcher/Detection Engineer - Linux

At SentinelOne, we’re redefining cybersecurity by pushing the limits of what’s possible—leveraging AI-powered, data-driven innovation to stay ahead of tomorrow’s threats.

From building industry-leading products to cultivating an exceptional company culture, our core values guide everything we do. We’re looking for passionate individuals who thrive in collaborative environments and are eager to drive impact. If you’re excited about solving complex challenges in bold, innovative ways, we’d love to connect with you.

We are seeking a talented malware researcher/detection engineer with experience in Linux and/or cloud security domains. You should be capable of exploring new technologies, designing and developing innovative detection ideas from scratch, and driving detection capabilities and infrastructure at scale within our products.

• Detect the latest malware and exploits using SentinelOne’s AI-powered Endpoint platform (EPP/EDR).
• Take end-to-end responsibility for behavior-based detection capabilities, including analyzing samples, designing detection/prevention methods, and integrating them into our products with engineering teams.
• Develop and utilize internal research tools, proof of concepts, and discover new ways to detect and prevent malicious techniques.

Your work will enhance the security of numerous Linux endpoints and cloud workloads protected by our product, serving thousands of users globally, including some of the largest companies, and handling billions of events daily.

You are also encouraged to write white papers, blogs, and articles if you wish.

• Develop detection methods
• Write tests for new detections
• Conduct low-level security research
• Participate in peer code reviews and design discussions
• Learn new Linux and Cloud security technologies
• Support customers with issues and requests within your domain

• Experience with reverse engineering x86/x64 binaries
• Malware analysis skills (static and dynamic)
• Understanding of Linux and container threat landscapes (including frameworks, MITRE IaaS)
• Proficiency in Linux OS internals and architecture
• Scripting skills in Python, Lua, or similar languages
• Solid understanding of C++
• Additional advantages include:
• Knowledge of Anti-Virus/Endpoint Protection internals
• Experience with eBPF (more info here)
• Experience with Cloud workloads (EKS, ECS, Fargate)
• Experience working on scalable, production-grade products

You will face and overcome the latest security challenges, working with industry leaders in a flexible environment. You will influence the design of disruptive products shaping the future of security.

• Flexible working hours, this is a 100% remote role based in Italy. We consider candidates eligible to work in the EU, and offer relocation assistance within the Czech Republic for eligible candidates.
• Generous stock plan (RSUs), with 4-year vesting and a 1-year cliff.
• Yearly performance-based bonus paid in two installments.
• Benefits including private medical, life, and accident insurance, study funds, and healthcare.
• Up to 30 paid days off annually, plus parental and grandparent leave.
• Paid volunteering days and additional company holidays.
• Confidential counseling through our Employee Assistance Program.
• Training platforms, internal mentoring, and support for further education.

Additional benefits for Italy

SentinelOne is an equal opportunity employer, committed to diversity and inclusion. We participate in the E-Verify program for U.S. roles.