Job Description
Our Purpose
At SentinelOne, we are driven by a clear purpose: to give the advantage to those who secure our future. As AI reshapes how organizations build, operate, and innovate, the responsibility to protect them becomes more critical than ever. When you join SentinelOne, your work helps protect global enterprises, critical infrastructure, and the technologies shaping tomorrow. If you are motivated by meaningful challenges and want your impact to be real, measurable, and global, you will find purpose here.
About Us
SentinelOne is a company at the intersection of AI and security, pioneering a new operating model for cybersecurity. Our AI-native platform unifies protection across endpoint, cloud, identity, data, and AI systems to deliver autonomous detection and response with clarity and speed. By combining real-time analytics, intelligent automation, and a unified data foundation, we reduce noise, simplify complexity, and empower security teams to focus on what truly matters.
Our teams are builders, problem-solvers, and innovators committed to shaping the future of security. If you are excited to solve hard problems alongside talented, mission-driven people, we invite you to help us build a safer future for humanity.
What Are We Looking For?
We’re looking for people who are relentlessly curious and committed to continuous learning. AI is reshaping every function across our business, and we enable every team member, regardless of role or level, to build fluency in AI tools and concepts. Those who thrive here actively seek out new solutions, experiment thoughtfully, and apply what they learn to drive better, faster, smarter outcomes.
As a Senior Windows Identity Detection Engineer you will research and detect emerging identity threats by developing behavior-based detection methods. You’ll build tools and PoCs to identify and prevent attacks such as Pass-the-Hash, Silver Ticket, and MFA bypass. Your work will directly strengthen the security of millions of Windows endpoints protected by the platform. In this role, you’ll have a unique opportunity to expand your skillset beyond just Windows security, and to not only contribute, but to significantly influence the buildout of a new side of our business - Identity security - from the ground up!
What will you do?
- You’ll be responsible for detecting the newest identity threats. Your role won’t end with a hypothesis or a document - you’ll have an end to end responsibility for behaviour based detection capabilities, starting from researching attack techniques, designing new methods to detect or prevent those, and implementing it in the product in the end (SW development in C++23 and scripting in Lua).
- You’ll be developing and using internal research tools, PoCs and discovering new ways to detect/prevent identity-based attacks (Pass the Hash, Silver ticket, MFA bypass and more).
- At the end of the day, your deliveries will enhance the security of dozens of millions of Windows endpoints which are protected by our platform.
What experience or knowledge should you bring?
- 3+ years of experience in malware analysis (statically and dynamically)
- 3+ years of experience with C++, an advantage would be knowledge of Lua or similar scripting language
- Excellent understanding of the Windows Internals - understanding how core system components (Process and Threads, Virtual Memory and more) work behind the scenes.
- Experienced with analysis tools, such as: IDA, WinDBG, SysInternals etc.
- A big plus - experience with Identity-based attacks (Pass the Hash, Silver ticket, MFA bypass and more)
- An advantage would be - kernel development experience and/or understanding of existing AVs internals
Why SentinelOne?
Because you will work on real-world problems with risks of millions of dollars (protecting against Ransomware and other threats) and make an impact by preventing our customers from appearing in global news after being attacked. You will be joining a technologically cutting-edge project and will be able to influence the architecture, design, and building of our core platform. You will meet extraordinary challenges and work with the very BEST in the industry.
On top of that we offer you
Flexible working hours, this is a 100% remote role based within Spain; we provide IWG pass to major coworking chains
- Optionally for those willing to relocate to the Czech Republic relocation assistance is available for any candidates that are already eligible to work in the EU
Generous employee stock plan in the form of RSUs(restricted stock units), not options; 4 years vesting with 1 year cliff and then quarterly, stock refresh yearly
Yearly bonus depending on the performance of the company, paid out in 2 installments
30 Days of Paid Annual Leave
Flexible Paid Sick Days
Pension insurance contribution
Premium Life Insurance covered by S1
Premium Medical & Dental Insurance covered by S1
Meal, Transport & Homeoffice allowance of total 440 EUR/month
Global gender-neutral Parental Leave (16 weeks, beyond the leave provided by the local laws) & Grandparent Leave
Volunteering paid day off & Additional paid Company holidays off (e.g. 4 days in 2022)
Global Employee Assistance Program (confidential counseling related to both personal and work life matters)
Udemy Business platform for Hard/Soft skills Training & Support for your further educational activities/trainings
Above-standard referral bonus
DEI&B programs that promote employee resource groups like SentinelWIN (Women Inclusion Network), Blk@S1, Latinos@S1, Pan-Asian@S1, Out@S1 (LGBTQIA+) and Sentinels Who Served
& Aditional country-specific benefits to Spain
SentinelOne is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.
SentinelOne participates in the E-Verify Program for all U.S. based roles.
