Senior Linux Security Researcher

Job Description

About Us:

SentinelOne is defining the future of cybersecurity through our XDR platform that automatically prevents, detects, and responds to threats in real-time. Singularity XDR ingests data and leverages our patented AI models to deliver autonomous protection. With SentinelOne, organizations gain full transparency into everything happening across the network at machine speed – to defeat every attack, at every stage of the threat lifecycle.

We are a values-driven team where names are known, results are rewarded, and friendships are formed. Trust, accountability, relentlessness, ingenuity, and OneSentinel define the pillars of our collaborative and unified global culture. We’re looking for people that will drive team success and collaboration across SentinelOne. If you’re enthusiastic about innovative approaches to problem-solving, we would love to speak with you about joining our team!

Who are we looking for?

We are looking for a talented and experienced Linux researcher who love Kernel and low level, who live to beat the system and challenge it. People who are in a pursuit to outsmart malware and overcome it. If you’re doing CTFs all day long, we’re looking for you.

You will be part of challenging, innovative and impactful research projects that will improve our protection and detection in Linux environments and will take the detections in both Linux Endpoints, Servers, and Cloud Workload Protection (CWPP) to a whole new level. The new colleague will get an opportunity to research in new domains, innovate and help build a world class product in a startup environment.

Why Choose Us?

Because you will meet extraordinary challenges facing the newest malwares and tech obstacles and overcoming them. You will take on a major role in improving our protection and detection from the early stages and help bringing it into production. You will discover the threats landscape of multiple Linux environments from On-prem networks to the Cloud. You will solve low-level Linux engineering problems, research malware, TTP, and vulnerabilities, build better endpoint detection, analyze our engines and design new ones and of course – develop our XDR Linux capabilities. You will be responsible for reversing the newest malware and exploits and designing methods to detect malware types using OS monitoring, extensive user data and in house malware instrumentation lab.

You will be developing and using internal research tools and frameworks, creating POCs and inventing ways to prevent exploitation of a wide range of attacks (stack pivots, use after free, etc).

You will explore Linux internals on a daily basis and learn how different subsystems really work.

You will also be encouraged to write white papers, blogs and articles (but only if you are interested), and also research other domains, like Windows and macOS.

What experience or knowledge should you bring?

5+ years of experience in cyber security research
Deep reverse engineering experience
Extensive familiarity with the Linux malware world (how malware operates, infamous families)
Experience with:
C/C++ development
Linux inner-workings and Linux internals (including but not limited to IPC, user interaction, kernel tracing)
Scripting languages (python, bash, etc’)
Containers (K8s, Docker, etc’)
A problem solver type of person
Independent – capable of learning new topics alone and working independently; but also a team player – the job will require you to coordinate and collaborate your work with other entities in the company

It’d be a plus if you have:

Understanding of existing AV software internals; Cloud Workloads (EKS, ECS, Fargate, etc’); and experience with macOS

Important

The role is suitable for any candidates that are already eligible to work in the EU. (Relocation assistance is also available for those who would be willing to relocate to Prague, Czechia).
You could be based in Czechia (Prague-hybrid model or remote outside of Prague) or remotely in Slovakia, Spain, Denmark, France, Germany or Netherlands (where we have Amsterdam HQ too).

What We Offer You

The benefits package depends on the type of contract and the location where you’d be based as this may differ between the countries to adhere to the local specifics, traditions and preferences. Nevertheless, the main areas of focus include – Wellness, Time Off, Togetherness and Future Planning (incl. generous employee stock plan in the form of RSUs (restricted stock units))

SentinelOne is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.

SentinelOne participates in the E-Verify Program for all U.S. based roles.