Detection Architect

What are we looking for?

We’re looking for a Detection Architect to drive the evolution of our detection engineering capabilities across the SentinelOne platform. In this highly technical and influential IC role, you’ll define detection strategies that scale across diverse threat surfaces — from endpoints to cloud. You’ll work at the intersection of threat research, AI, engineering, and product, setting the vision for how we detect and disrupt adversaries at machine speed. This is a unique opportunity to shape the detection at one of the most advanced cybersecurity companies in the world.

What will you do?

• Define detection coverage strategy and drive operations for threat detection across cloud, endpoint, identity, and AI-SIEM detection engines.
• Lead the design of scalable, performant detection logic and detection engines across SentinelOne’s product lines.
• Partner with threat researchers, reverse engineers, security data scientists, threat hunters, and incident responders to scale discovery of adversary tradecraft
• Evaluate and improve the quality, precision, and reliability of detection signals in production
• Mentor and guide detection engineers and researchers across the entire SentinelOne Detection organization. 

What skills and knowledge should you bring?

• Proven experience in threat detection engineering at scale and in a production environment delivering production detections to a large number of customers.
• Deep understanding of adversary behavior, including MITRE ATT&CK tactics and real-world threat techniques
• Expertise in heavily automated detection systems and applications of machine learning to detection across domains (e.g., EDR, cloud, third-party logs, identity signals)
• Familiarity with detection-as-code and detection release practices
• Knowledge of Windows, macOS, and Linux internals and low level development experience on at least one OS.
• Strong communications and mentoring skills, including proven abilities to interact with customers and executives.

Technical Requirements

• Proficiency in Python or another language.
• Experience with Jenkins or other CI/CD systems for test and release automation. 
• Expertise in working with modern data architectures and security telemetry pipelines for analytics at scale 
• Ability to rapidly prototype novel solutions to challenging detection problems

Why us? 

You will be joining a cutting-edge company where you will tackle extraordinary challenges and work with the very best in the industry.

• Medical, Vision, Dental, 401(k), Commuter, Health and Dependent FSA
• Unlimited PTO
• Industry-leading gender-neutral parental leave
• Paid Company Holidays
• Paid Sick Time
• Employee stock purchase program
• Disability and life insurance
• Employee assistance program
• Gym membership reimbursement
• Cell phone reimbursement
• Numerous company-sponsored events, including regular happy hours and team-building events