Malware Researcher/Detection Engineer

closed
SentinelOne

📍Remote - Italy

Summary

Join SentinelOne, a leader in cybersecurity, as a Malware Researcher/Detection Engineer. This 100% remote role, based in Italy (EU work eligibility required), focuses on detecting and preventing malware on Linux and cloud platforms. You will conduct in-depth malware analysis, develop detection methods, and integrate them into SentinelOne's AI-powered platform. The position requires experience in reverse engineering, malware analysis, and Linux security. SentinelOne offers a flexible work environment, generous benefits including stock options, bonuses, comprehensive insurance, flexible time off, parental leave, and professional development opportunities.

Requirements

  • Experience with reverse engineering of x86/x64 binaries
  • Experience in malware analysis (statically and dynamically)
  • Understanding of Linux and Containers threat landscape (including but not limited to frameworks, MITRE IaaS)
  • Proficiency in Linux OS architecture and internals – understanding how core system components (Processes and Threads, Virtual Memory and more) work behind the scenes
  • Experience with Python or Lua or other languages for scripting
  • Solid familiarity and understanding of C++
  • Eligibility to work in the EU

Responsibilities

  • Detect the newest malware and exploits based on SentinelOne’s AI-powered Endpoint platform (EPP/EDR)
  • Take end-to-end responsibility for behavior-based detection capabilities, starting from reversing samples, designing new detection or prevention methods, and incorporating them into the product with engineering teams
  • Develop and use internal research tools and PoCs, discovering new ways to detect/prevent malicious techniques
  • Enhance the security of Linux endpoints and cloud workloads platforms protected by the product
  • Write white papers, blogs, and articles (optional)
  • Develop Detection
  • Write tests to cover new detections
  • Conduct low-level security research
  • Participate in peer code reviews and team design reviews
  • Learn new technologies in the Linux and Cloud workloads security domains
  • Support customers with issues and requests within the team’s domain

Preferred Qualifications

  • Understanding of existing Anti-Virus/Endpoint Protection SW internals
  • Experience with eBPF
  • Experience with Cloud Workloads (EKS, ECS, Fargate, etc.)
  • Experience working on a production-grade product with a wide-scale deployment

Benefits

  • Flexible working hours; 100% remote role based within Italy
  • Optional membership in major coworking chains
  • Relocation assistance (optional, for those who are willing to relocate to the Czech Republic and are eligible to work in the EU)
  • Generous employee stock plan in the form of RSU (restricted stock unit) grants, not options; 4 years vesting with 1 year cliff and then quarterly, stock refresh yearly
  • Yearly bonus depending on the performance of the company, paid out in 2 installments
  • Quadro benefits - Private Medical, Life Insurance, Accident Insurance, Study funds and Healthcare benefits
  • Flexible time off (up to 30 paid days off per annum!)
  • Global gender-neutral Parental Leave (16 weeks, beyond the leave provided by the local laws) & Grandparent Leave
  • Volunteering paid day off & Additional paid Company holidays off
  • Global Employee Assistance Program (confidential counseling related to both personal and work life matters)
  • Udemy Business platform for Hard/Soft skills Training, internal mentoring 'MentorOne' & Support for your further educational activities/trainings
  • Above-standard referral bonus
  • DEI&B programs that promote employee resource groups like SentinelWIN (Women Inclusion Network), Blk@S1, Latinos@S1, Pan-Asian@S1, Out@S1 (LGBTQIA+) and Sentinels Who Served
  • Additional country-specific benefits to Italy
This job is filled or no longer available