Senior Windows Identity Detection Engineer

Our Purpose

At SentinelOne we are driven by a clear purpose: to give the advantage to those who secure our future. As AI reshapes how organizations build operate and innovate the responsibility to protect them becomes more critical than ever. When you join SentinelOne your work helps protect global enterprises critical infrastructure and the technologies shaping tomorrow. If you are motivated by meaningful challenges and want your impact to be real measurable and global you will find purpose here.

About Us

SentinelOne is a company at the intersection of AI and security pioneering a new operating model for cybersecurity. Our AI-native platform unifies protection across endpoint cloud identity data and AI systems to deliver autonomous detection and response with clarity and speed. By combining real-time analytics intelligent automation and a unified data foundation we reduce noise simplify complexity and empower security teams to focus on what truly matters.

Our teams are builders problem-solvers and innovators committed to shaping the future of security. If you are excited to solve hard problems alongside talented mission-driven people we invite you to help us build a safer future for humanity.

What Are We Looking For

Were looking for people who are relentlessly curious and committed to continuous learning. AI is reshaping every function across our business and we enable every team member regardless of role or level to build fluency in AI tools and concepts. Those who thrive here actively seek out new solutions experiment thoughtfully and apply what they learn to drive better faster smarter outcomes.

As a Senior Windows Identity Detection Engineer you will research and detect emerging identity threats by developing behavior-based detection methods. Youll build tools and PoCs to identify and prevent attacks such as Pass-the-Hash Silver Ticket and MFA bypass. Your work will directly strengthen the security of millions of Windows endpoints protected by the this role youll have a unique opportunity to expand your skillset beyond just Windows security and to not only contribute but to significantly influence the buildout of a new side of our business - Identity security - from the ground up!

What will you do

• Youll be responsible for detecting the newest identity threats. Your role wont end with a hypothesis or a document - youll have an end to end responsibility for behaviour based detection capabilities starting from researching attack techniques designing new methods to detect or prevent those and implementing it in the product in the end (SW development in C23 and scripting in Lua).
• Youll be developing and using internal research tools PoCs and discovering new ways to detect/prevent identity-based attacks (Pass the Hash Silver ticket MFA bypass and more).
• At the end of the day your deliveries will enhance the security of dozens of millions of Windows endpoints which are protected by our platform.

What experience or knowledge should you bring

• 3 years of experience in malware analysis (statically and dynamically)
• 3 years of experience with C an advantage would be knowledge of Lua or similar scripting language
• Excellent understanding of the Windows Internals - understanding how core system components (Process and Threads Virtual Memory and more) work behind the scenes.
• Experienced with analysis tools such as: IDA WinDBG SysInternals etc.
• A big plus - experience with Identity-based attacks (Pass the Hash Silver ticket MFA bypass and more)
• An advantage would be - kernel development experience and/or understanding of existing AVs internals

Why SentinelOne

Because you will meet extraordinary challenges facing the newest attacks and tech obstacles and overcoming will work with the very BEST in the industry in a flexible and independent will influence the design of a disruptive product that will shape the security industry of tomorrow.

Competitive Benefits Package:

• Stock & Bonuses: Grant of Restricted Stock Units with a 4-year vesting plan annual performance-based bonuses and an employee stock purchase plan.
• Time Off & Well-being: Flexible Time Off on top of the standard 5 weeks vacation flexible paid sick days fully paid Short Term Sick/Nursing Leave 16-week parental leave grandparent leave and additional company holidays.
• Insurance & Health: Pension Insurance Contribution Premium life insurance Private medical care (for you and 1) and a Global Employee Assistance Program.
• Work Perks: Monthly meal and well-being allowance high-end MacBook/Windows laptop work-from-home support and in-office refreshments.
• Growth & Community: LinkedIn Learning internal mentoring educational support generous referral bonuses and optional company events (sports BBQs charity).

Be part of an inclusive innovative workplace that values belonging flexibility and growth!