Detection Architect

Summary

Join SentinelOne, a leading cybersecurity company, as a Detection Architect to drive the evolution of detection engineering capabilities across the platform. Define detection strategies scaling across diverse threat surfaces, from endpoints to the cloud. Work collaboratively with threat researchers, engineers, and product teams. Shape detection at a cutting-edge cybersecurity company. Lead the design of scalable detection logic and mentor detection engineers and researchers. Evaluate and improve the quality, precision, and reliability of detection signals.

Requirements

• Proven experience in threat detection engineering at scale and in a production environment delivering production detections to a large number of customers
• Deep understanding of adversary behavior, including MITRE ATT&CK tactics and real-world threat techniques
• Expertise in heavily automated detection systems and applications of machine learning to detection across domains (e.g., EDR, cloud, third-party logs, identity signals)
• Familiarity with detection-as-code and detection release practices
• Knowledge of Windows, macOS, and Linux internals and low level development experience on at least one OS
• Strong communications and mentoring skills, including proven abilities to interact with customers and executives
• Proficiency in Python or another language
• Experience with Jenkins or other CI/CD systems for test and release automation
• Expertise in working with modern data architectures and security telemetry pipelines for analytics at scale
• Ability to rapidly prototype novel solutions to challenging detection problems

Responsibilities

• Define detection coverage strategy and drive operations for threat detection across cloud, endpoint, identity, and AI-SIEM detection engines
• Lead the design of scalable, performant detection logic and detection engines across SentinelOne’s product lines
• Partner with threat researchers, reverse engineers, security data scientists, threat hunters, and incident responders to scale discovery of adversary tradecraft
• Evaluate and improve the quality, precision, and reliability of detection signals in production
• Mentor and guide detection engineers and researchers across the entire SentinelOne Detection organization

Benefits

• Medical, Vision, Dental, 401(k), Commuter, Health and Dependent FSA
• Unlimited PTO
• Industry-leading gender-neutral parental leave
• Paid Company Holidays
• Paid Sick Time
• Employee stock purchase program
• Disability and life insurance
• Employee assistance program
• Gym membership reimbursement
• Cell phone reimbursement
• Numerous company-sponsored events, including regular happy hours and team-building events