Test Automation Engineer - Detection Validation

at  SentinelOne

ABOUT US:

SentinelOne is defining the future of cybersecurity through our XDR platform that automatically prevents, detects, and responds to threats in real-time. Singularity XDR ingests data and leverages our patented AI models to deliver autonomous protection. With SentinelOne, organizations gain full transparency into everything happening across the network at machine speed – to defeat every attack, at every stage of the threat lifecycle.
We are a values-driven team where names are known, results are rewarded, and friendships are formed. Trust, accountability, relentlessness, ingenuity, and OneSentinel define the pillars of our collaborative and unified global culture. We’re looking for people that will drive team success and collaboration across SentinelOne. If you’re enthusiastic about innovative approaches to problem-solving, we would love to speak with you about joining our team!

WHAT ARE WE LOOKING FOR?

We are seeking highly motivated individuals to join our Platform Detection Rules Team. The ideal candidates will have a strong background in software engineering, with a focus on security use cases. We are looking for team players, adept at validating detection rules, and committed to staying at the forefront of cybersecurity advancements. If you are passionate about contributing to innovative cybersecurity solutions, come join us and be part of our dynamic team at SentinelOne.

WHAT EXPERIENCE OR KNOWLEDGE SHOULD YOU BRING?

• Experience in software engineering, ideally in a security-focused environment
• Experience with GitHub Actions and Workflow, with a focus on automation and CI/CD
• Strong programming skills in Python with experience in using testing frameworks such as Pytest
• Strong understanding of security threats and trends
• Experience with security information and event management (SIEM) systems
• Strong problem-solving and analytical skills, with a proven ability to troubleshoot and resolve issues
• Excellent communication and collaboration skills, with experience working closely with security teams and other cross-functional groups

As a Test Automation Engineer you will play a critical role in ensuring the accuracy and effectiveness of our detection rules and systems. Your role will involve designing, developing, and implementing validation tests to ensure our detection rules are working as intended. You will also collaborate with our security teams to identify and prioritize validation efforts.

You will be responsible for the following:

• Design, develop, and implement validation tests for detection rules using GitHub Actions and Workflows
• Collaborate with security teams to identify and prioritize validation efforts
• Write and maintain unit tests for detection rules
• Develop and maintain tools and frameworks for validation and testing
• Analyze and troubleshoot issues with detection rules and validation tests
• Stay up-to-date with emerging threats and trends in the security domain
• Create scripts to trigger detection rules for testing, including:
• Writing scripts in Python to simulate threat scenarios and test detection rules
• Developing tools to automate the testing process
• Collaborating with security teams to ensure scripts accurately represent real-world threats