Windows Security Researcher

Summary

Join SentinelOne's exceptional research team and contribute to cutting-edge cybersecurity solutions. As a Security Research Expert, you will focus on researching and developing detection and protection assets for Windows platforms. Responsibilities include assessing detection coverage against vulnerabilities and exploits, implementing innovative solutions, proposing new features, and conducting deep research into Windows OS internals. You will also develop new detection content for various engines, ensuring high-quality deliverables and maintaining related infrastructure. Collaboration with other teams and potential contributions to white papers or blog posts are also expected. This role requires extensive experience in security research, Windows kernel development, vulnerability analysis, and reverse engineering. Competitive benefits include stock options, bonuses, flexible time off, comprehensive insurance, and various work perks.

Requirements

• 3+ years of hands-on experience in security research, ideally focused on Windows platforms
• Strong knowledge of Windows Kernel development and/or low-level research
• Deep understanding of vulnerabilities and exploitation techniques targeting Windows (both usermode and kernelmode)
• Excellent understanding of Windows Internals, including components like processes and threads, memory management, IPC, security models, system services, and tracing mechanisms
• Proven ability to conduct both offensive and defensive security research
• At least 3 years of experience in reverse engineering (x86/x64, static and dynamic)
• Solid understanding of C, C++, and assembly, especially for analyzing low-level code and understanding system behavior
• Hands-on experience with analysis tools such as IDA, Ghidra, WinDBG, SysInternals, etc
• Good understanding of EDR, EPP, and AV internals

Responsibilities

• Assessing and evaluating our detection and protection coverage against in the wild vulnerabilities, exploits, and anti-tampering techniques
• Closing the loop by conducting research to discover and implement innovative solutions for these security challenges
• Initiate and propose new features and capabilities, leveraging personal experience and expertise in security research
• Perform strategic long-term research projects that involve deep research of Windows OS internals, new detection techniques, and novel threats
• Continually learn about emerging vulnerabilities, exploits, threats, techniques, and new technologies on a regular basis
• As a security research expert, you’ll collaborate with many teams to help and support their work using your expertise, knowledge, or research
• You’ll be responsible for developing the new detection content for all of our engines that will improve our detection, protection, and visibility, reaching all of our millions of endpoints across the globe
• You’ll be responsible for the quality and accuracy of the deliverables that you’ll create and be accountable for them
• You’ll create, maintain, and improve existing infrastructure and tools that are being used by the team
• You will also be encouraged to write white papers, blogs, and articles (but only if you wish to)

Preferred Qualifications

• Experience developing EDR/EPP bypasses or self-protection mechanisms
• Windows driver development
• Modern exploit mitigations and their bypass techniques (e.g., CFG, HVCI, PatchGuard)
• Threat emulation, red teaming, or malware simulation frameworks
• Publishing technical research (e.g., CVEs, blogposts, or conference talks)

Benefits

• Grant of Restricted Stock Units with a 4-year vesting plan
• Annual performance-based bonuses
• An employee stock purchase plan
• Flexible Time Off
• On top of the standard 5 weeks vacation
• Flexible paid sick days
• Fully paid Short Term Sick/Nursing Leave
• 16-week parental leave
• Grandparent leave
• Additional company holidays
• Pension Insurance Contribution
• Premium life insurance
• Private medical care (for you and +1)
• A Global Employee Assistance Program
• Monthly meal and well-being allowance
• High-end MacBook/Windows laptop
• Work-from-home support
• In-office refreshments
• LinkedIn Learning
• Internal mentoring
• Educational support
• Generous referral bonuses
• Optional company events (sports, BBQs, charity)