What are we looking for?

We are looking for an experienced threat detection and response practitioner to support the detection and threat intelligence capabilities of our Managed Detection & Response (MDR) service. You’ll drive continuous improvement in our threat detection coverage and quality, ensuring that our 24x7 team of experts are able to effectively protect our customers by detecting and responding to threats early in the kill-chain, across a wide range of attack surfaces. You’ll partner closely with other SentinelOne teams responsible for tracking new threat actors, TTPs and IOCs, and other emerging threats.

What will you do?

• Detection Engineering: Responsible for the curation of all MDR detection capabilities in order to maximize threat detection coverage while minimizing overall alert volume, including: 
• Ongoing reporting and analysis of the efficacy of all existing detection capabilities.
• Partnering with SentinelOne detection engineering and threat intelligence teams to improve these detection capabilities, as needed.
• Proactively identifying additional detection capabilities/sources for possible inclusion in MDR service scope.
• Emerging Threat Response support:
• Supporting the overall SentinelOne response to new emerging threats (such as ‘zero day’ vulnerabilities and supply chain attacks).
• Partnering with other internal stakeholders to share information and coordinate the response to these emerging threats.
• Identifying the appropriate actions that can be performed by the MDR team to effectively protect customers against these emerging threats.
• Developing communications to customers about these emerging threats, and the steps we are taking to protect them.
• Threat Intelligence: 
• Curate threat intelligence (IOCs and TTPs) identified by the MDR team, and partner with other teams to integrate this intelligence into SentinelOne products and services.
• Integrate relevant threat intelligence and research from other SentinelOne groups into MDR operations.

What experience or knowledge should you bring?

• At least 5 years of experience as a security operations practitioner, with a focus on one or more of the following areas: SOC operations, security monitoring, incident investigation and response, malware analysis, threat hunting, and threat intelligence.
• A detailed technical understanding of the current threat landscape, including widely used attacker TTPs and prominent threat actor groups.
• Prior experience developing and/or tuning existing detection capabilities (SIEM/EDR/NDR detections).
• Previous Managed Services/MDR experience.
• Previous experience developing operational metrics/dashboards/reports, with a focus on detection/alert fidelity. 
• Familiarity with the MITRE ATT&CK framework.

Why us?

You will be joining a cutting-edge company, where you will tackle extraordinary challenges and work with the very best in the industry.

• Medical, Vision, Dental, 401(k), Commuter, Health and Dependent FSA
• Unlimited PTO
• Industry leading gender-neutral parental leave
• Paid Company Holidays
• Paid Sick Time
• Employee stock purchase program
• Disability and life insurance
• Employee assistance program
• Gym membership reimbursement
• Cell phone reimbursement
• Numerous company-sponsored events including regular happy hours and team building events

#LI-AH1