What are we looking for?

SentinelLabs is seeking an experienced and visionary Threat Intelligence Engineering Lead to head our engineering team, driving the design and development of cutting-edge threat intelligence tools and systems. In this leadership role, you’ll oversee the team responsible for building and refining our threat hunting and intelligence capabilities. You will serve as a technical authority and strategic partner to threat hunters, security researchers, larger engineering teams, and other stakeholders across the organization, transforming complex threat intelligence requirements into advanced, scalable solutions. Your guidance and expertise will be essential in defining engineering priorities, fostering team growth, and ensuring the quality and impact of our threat intelligence platform.

What will you do? 

As a Lead Threat Intelligence Engineer at SentinelLabs, your primary responsibilities will include:

• Translate executive goals to tools and outputs while anticipating future needs, effectively sequencing development, and ensuring the right priority is met to the right standard.
• Oversee the threat engineering team’s daily operations, ensuring seamless functioning and high performance while codifying the strategic value of our findings into cross-company processes. You’ll ensure that our threat intelligence tools align with SentinelLabs’ strategic goals and drive actionable insights across teams.
• Partner with threat hunters, security researchers, and cross-functional teams to translate their needs into technical specifications.
• Guide your team in developing innovative tools that empower the broader threat intelligence and research functions.
• Oversee the design and integration of tools within platforms like Vertex Synapse, incorporating internal tools and enrichments to support threat research workflows.
• Rapidly prototyping and refining tools to ensure they effectively support threat hunting processes and are seamlessly integrated into a repeatable pipeline.
• Spearhead the creation of efficient telemetry enrichment and data curation systems, enhancing the collection, analysis, storage, tagging, and enrichment of indicators of compromise and other critical data.
• Codifying threat hunting processes to maximize the value of diverse and unique data sources, meaningfully contributing to SentinelLabs threat research.
• Work closely with larger SentinelOne engineering and data teams.

What skills and knowledge should you bring?

• Demonstrated experience leading high-performing technical operations, with a focus on fostering innovation, aligning with organizational goals, and achieving impactful outcomes.
• Prefer 12+ years of progressive professional experiences (or equivalent combination of experience, certifications, and education), with recent related experiences leading teams or as princiapl engineer driving threat intelligence tooling efforts.
• Deep knowledge of threat intelligence platforms, particularly Vertex Synapse, and experience leveraging them for data enrichment and automation.
• A solid understanding of threat hunting processes and the ability to codify these processes into repeatable, scalable pipelines that enhance the efficacy of threat research efforts.
• Strong analytical skills, capable of dissecting complex problems, synthesizing actionable information from diverse data sources, and finding opportunities for novel correlation.
• Experience in software development, with strong proficiency in Python and/or Go, especially in developing and maintaining tools for security applications.
• Comfort with rapidly prototyping and iterating on tools to ensure they meet the evolving needs of threat hunters and security researchers.
• Knowledge of security telemetry data management, including the collection, analysis, storage, tagging, and enrichment of indicators of compromise and associated data sources such as VirusTotal Intelligence/Stairwell, and types like passive DNS, netflow, and scanning.
• Excellent communication and collaboration skills, able to work effectively with cross-functional teams and surmise technical requirements from diverse stakeholders.

Why us?

SentinelLabs is an industry-leading threat research team with a unique remit to openly contribute cutting-edge research to global cyber defense by combining world-class expertise and unparalleled access to threat data.

You will be joining a cutting-edge company where you will tackle extraordinary challenges and work with the very best in the industry.

• Medical, Vision, Dental, 401(k), Commuter, Health and Dependent FSA
• Unlimited PTO
• Industry-leading gender-neutral parental leave
• Paid Company Holidays
• Paid Sick Time
• Employee stock purchase program
• Disability and life insurance
• Employee assistance program
• Gym membership reimbursement
• Cell phone reimbursement
• Numerous company-sponsored events, including regular happy hours and team-building events