Malware Researcher/Detection Engineer
SentinelOne
Summary
Join SentinelOne, a leader in cybersecurity, as a Malware Researcher/Detection Engineer. You will play a crucial role in detecting and preventing malware threats on Linux and cloud platforms. This role involves reverse engineering, developing detection methods, and integrating them into our AI-powered platform. You will collaborate with engineering teams, conduct security research, and contribute to enhancing the security of our global client base. The position offers a flexible, remote work environment with competitive benefits and opportunities for professional growth. We are seeking candidates with experience in malware analysis, Linux security, and relevant programming languages. SentinelOne offers a supportive and collaborative environment where innovation is valued.
Requirements
- Have experience with reverse engineering of x86/x64 binaries
- Have experience in malware analysis (statically and dynamically)
- Understand the Linux and container threat landscape (including but not limited to frameworks such as MITRE ATT&CK for IaaS)
- Be proficient in Linux OS architecture and internals – understanding how core system components (Processes and Threads, Virtual Memory and more) work behind the scenes
- Have experience with Python or Lua or other languages for scripting
- Have solid familiarity and understanding of C++
- Be eligible to work in the EU at the time of applying
Responsibilities
- Detect the newest malware and exploits based on SentinelOne’s AI-powered Endpoint platform (EPP/EDR)
- Take end-to-end responsibility for behavior-based detection capabilities, starting from reversing samples, designing new methods to detect or prevent them, and incorporating them into the product with engineering teams
- Develop and use internal research tools and PoCs, discovering new ways to detect/prevent malicious techniques
- Enhance the security of Linux endpoints and cloud workload platforms protected by the product
- Write white papers, blogs, and articles (optional)
- Develop detections
- Write tests to cover new detections
- Conduct low-level security research
- Participate in peer code reviews and team design reviews
- Learn new technologies in the Linux and Cloud workloads security domains
- Support customers with issues and requests within the team’s domain
Preferred Qualifications
- Understand existing Anti-Virus/Endpoint Protection SW internals
- Have experience with eBPF
- Have experience with Cloud Workloads (EKS, ECS, Fargate, etc.)
- Have experience working on a production-grade product with a wide-scale deployment
Benefits
- Permanent full-time employment (UoP)
- Flexible working hours; 100% remote role based within Poland; optional membership in major co-working spaces
- Relocation assistance (optional, for those willing to relocate to the Czech Republic and eligible to work in the EU)
- Generous employee stock plan in the form of a grant of RSUs (restricted stock units), not options; 4 years vesting with a 1-year cliff and then quarterly, stock refresh yearly
- Yearly bonus depending on company performance, paid in 2 installments
- LuxMed, Life Insurance, Disability Insurance, PPK (4% employer contribution)
- Flexible time off (up to 30 paid days off per annum!)
- Paid volunteering day off & additional paid company holidays
- Monthly Wellness Allowance
- Monthly Working from Home allowance
- Global gender-neutral Parental Leave (16 weeks, beyond the leave provided by the local laws) & Grandparent Leave
- Global Employee Assistance Program (confidential counseling related to both personal and work life matters)
- Udemy Business platform for hard/soft skills training & support for your further educational activities/trainings
- Above-standard referral bonus
- DEI&B programs that promote employee resource groups like SentinelWIN (Women Inclusion Network), Blk@S1, Latinos@S1, Pan-Asian@S1, Out@S1 (LGBTQIA+) and Sentinels Who Served
- Additional country-specific benefits & allowances for Poland