Staff Malware Researcher/Detection Engineer - Linux

At SentinelOne, we’re redefining cybersecurity by leveraging AI-powered, data-driven innovation to stay ahead of tomorrow’s threats.

Our core values guide everything we do, from building industry-leading products to cultivating an exceptional company culture. We seek passionate individuals who thrive in collaborative environments and are eager to make an impact. If you enjoy solving complex challenges in innovative ways, we’d love to connect with you.

We are seeking an experienced Staff (technical-leader level) malware researcher/detection engineer with expertise in Linux and/or cloud security. Candidates should be capable of exploring new technologies, designing and developing innovative ideas from scratch, and driving detection capabilities and infrastructure at scale for our products.

• Detect the latest malware and exploits using SentinelOne’s AI-powered Endpoint platform (EPP/EDR).
• Take end-to-end responsibility for behavior-based detection capabilities, including reversing samples, designing new detection/prevention methods, and integrating solutions with engineering teams.
• Develop and utilize internal research tools, PoCs, and discover new detection/prevention techniques.
• Lead research efforts, design detection features, mentor team members, and provide technical leadership. Collaborate with researchers, engineers, tech leads, architects, and product managers.

Your work will enhance the security of numerous Linux endpoints and cloud workloads protected by our product, serving thousands of users globally and processing billions of events daily. You will also have the opportunity to write white papers, blogs, and articles if you wish.

• Develop detections
• Write tests for new detections
• Conduct low-level security research
• Participate in peer code reviews and design reviews
• Learn new Linux and Cloud security technologies
• Support customers within your domain

• Malware analysis (static and dynamic)
• Understanding of Linux and container threat landscapes (including MITRE IaaS frameworks)
• Proficiency in Linux OS architecture and internals
• Scripting experience in Python, Lua, or similar languages
• Solid knowledge of C++
• Preferred: reverse engineering x86/x64 binaries, understanding of anti-virus internals, eBPF experience, cloud workloads experience (EKS, ECS, Fargate), and experience with large-scale production products.

Join us to tackle the latest attacks and technological challenges. Work with industry-leading experts in a flexible, independent environment, and influence the design of disruptive security products shaping the industry of tomorrow.

• Flexible, remote work within Italy; candidates must be eligible to work in the EU. Relocation assistance available for those willing to move to the Czech Republic.
• Generous RSU stock plan with 4-year vesting, yearly bonuses, comprehensive benefits including private medical, life, and accident insurance, paid time off, parental and grandparent leave, volunteering days, counseling services, training platforms, and referral bonuses.

SentinelOne is an Equal Employment Opportunity employer, committed to diversity and inclusion. We participate in the E-Verify Program for U.S. roles.