Staff Detection and Response Engineer

at SentinelOne

Praha, Praha, Czech

Start Date: Immediate
Expiry Date: 17 Oct, 2024
Salary: Not Specified
Posted On: 18 Jul, 2024
Experience: 4 year(s) or above
Skills: Azure, Malware Analysis, Automation, Vulnerability, Powershell, Siem, Sql, Threat Intelligence, Python, Aws, Bash
Telecommute: No
Sponsor Visa: No

Description:

ABOUT US:

SentinelOne is defining the future of cybersecurity through our XDR platform that automatically prevents, detects, and responds to threats in real-time. Singularity XDR ingests data and leverages our patented AI models to deliver autonomous protection. With SentinelOne, organizations gain full transparency into everything happening across the network at machine speed – to defeat every attack, at every stage of the threat lifecycle.
We are a values-driven team where names are known, results are rewarded, and friendships are formed. Trust, accountability, relentlessness, ingenuity, and OneSentinel define the pillars of our collaborative and unified global culture. We’re looking for people that will drive team success and collaboration across SentinelOne. If you’re enthusiastic about innovative approaches to problem-solving, we would love to speak with you about joining our team!

WHAT ARE WE LOOKING FOR?

We are looking for a talented Detection and Response Engineer to join our Vigilance organization, a global team of cyber security experts providing Managed Detection and Response (MDR) services to thousands of organizations around the world. As a Detection and Response Engineer on the Vigilance Engineering team, you will be responsible for developing and maintaining tooling and automation to improve the efficiency and effectiveness of our MDR service. Our ideal candidate will be a security practitioner with a talent for developing innovative technical solutions to real-world operational challenges.

WHAT SKILLS & KNOWLEDGE SHOULD YOU BRING?

  • Minimum 4 years of experience as a security operations practitioner, with a focus on one or more of the following areas: SOC operations, incident response investigation, malware analysis, threat hunting, and threat intelligence.
  • Minimum 3 years of scripting and tool development experience with a focus on Python, PowerShell, SQL, and Bash.
  • Solid understanding of security operations workflows and processes in enterprise organizations.
  • The ability to rapidly design and implement technical solutions to security operations challenges without significant guidance or a comprehensive list of formal requirements.
  • Passionate about learning new technologies.

DESIRED SKILLS AND EXPERIENCE

  • Previous Managed Services/MDR experience.
  • Previous hands-on experience with various security operations tools in areas including EDR/EPP, XDR, malware sandboxes, threat intelligence, SIEM, and vulnerability management.
  • Previous hands-on experience with Security Orchestration, Automation, and Response (SOAR) products.
  • Experience deploying and managing cloud-hosted infrastructure and applications in IaaS/PaaS environments (AWS, Azure, GCP, etc.).

Responsibilities:

  • Standardize, streamline, and automate internal MDR operational workflows, such as:
      • Assist in the identification and prioritization of existing processes for automation, with a focus on high-volume and highly repeatable manual tasks.
      • Develop, test, deploy, and manage automation playbooks, such as incident response workflows, leveraging an existing 'no-code automation' platform.
      • Research and develop additional integrations and features for the 'no-code automation' platform.
      • Measure and report on improvements to operational effectiveness and efficiency as a result of the automation.
  • Develop and support internal programming projects to support the MDR service delivery team.
  • Collaborate with stakeholders within MDR and other Threat Services teams (DFIR, WatchTower, and Operations), to exchange knowledge and align overall tooling and automation objectives and initiatives.
  • Partner closely with the SentinelOne product team and our internal engineering teams to drive improvements in the technology used by our MDR team and our customers.


REQUIREMENT SUMMARY

Min: 4.0, Max: 9.0 year(s)

Information Technology/IT

IT Software - Network Administration / Security

Software Engineering

Graduate

Proficient

1

Praha, Czech