About the role:SentinelOne’s Vigilance DFIR team conducts digital forensic investigations and threat hunting operations for global clients.  Our team provides multiple levels of proactive and reactive services to our clients to include incident readiness assessments, table-top exercises, purple-team activities, full-breach investigation, malware analysis, and hunting operations.  The selected candidate will be an experienced investigator and endpoint-based hunter with superior technical and customer services skills.  

Major responsibilities:

• Accountable to ensure excellence in every engagement, to include scoping, forensic analysis, reporting, hunting, remediation consulting, and client communication.
• Contribute as a lead investigator for engagements.  Manage all aspects of a breach response and containment investigation.
• Technical investigative skills must include host-based forensic analysis, EDR-driven incident response, malware analysis, memory analytics, and network log investigations.
• Provide detailed and impactful formal investigative reports, to include technical findings and security improvement recommendations.
• Provide additional IR services, to include: 
• Incident Response Assessments
• Table-top exercises
• Purple-teaming
• Work closely with the threat intelligence team to pursue attribution, identify attack trends, innovative malicious TTPs, and contribute to community-facing publications and blogs.
• Adopt and follow our core values amongst the team: 
• Trust – We earn our client’s trust via technical expertise and a customer-first mindset.
• Accountability – Every team member contributes to our group success via diligently fulfilling their assigned duties.
• Collaboration – The Vigilance DFIR team works closely together and with our threat intelligence, research, MDR, and product teams to make every engagement a success.
• Relentlessness – We will leave no stone unturned to provide outstanding service and fulfill our clients needs.
• Ingenuity – If no tool exists to enable our investigations and hunts, then we will create one.  There is always a way to improve existing methodologies.
• Community - The Vigilance team supports each other as we grow and improve ourselves and our service.

Required Knowledge & Experience:

• 2+ years of hands-on consulting experience in threat hunting, digital forensics, and incident response.
• An ideal candidate would have notable speaking and publications in the industry and or be an active participating member within the industry.
• Evident self-starter with intellectual curiosity and the ability to adapt to change.
• Expert level experience with forensic investigative software (Axiom Cyber preferred).
• Experience with EDR/XDR platforms (SentinelOne preferred).
• Experienced conducting dynamic malware analysis and understanding of the reverse engineering process.
• Experience with memory analytics (Volatility Preferred).
• Experience or knowledge of conducting endpoint based threat hunting (compromise assessments).
• Experience working with cyber threat intelligence platforms and the threat intelligence process from raw attack data to finished intel and publications.
• Scripting ability (Python preferred).
  
  

Why us?

You will work on real-world problems and make an impact by protecting our customers from cyber threats. You will join a cutting-edge project and will be able to influence the architecture, design and structure of our core platform. You will tackle extraordinary challenges and work with the very BEST in the industry. 

• Medical, Vision, Dental, 401(k), Commuter, and Dependent FSA
• Unlimited PTO
• Paid Company Assigned Holidays
• Paid Sick Time
• Gym membership reimbursement
• Cell phone reimbursement
• Numerous company-sponsored events including regular happy hours and team building events