Threat Hunting Manager

About Us:

SentinelOne is defining the future of cybersecurity through our XDR platform that automatically prevents, detects, and responds to threats in real-time. Singularity XDR ingests data and leverages our patented AI models to deliver autonomous protection. With SentinelOne, organizations gain full transparency into everything happening across the network at machine speed – to defeat every attack, at every stage of the threat lifecycle. 

We are a values-driven team where names are known, results are rewarded, and friendships are formed. Trust, accountability, relentlessness, ingenuity, and OneSentinel define the pillars of our collaborative and unified global culture. We're looking for people that will drive team success and collaboration across SentinelOne. If you’re enthusiastic about innovative approaches to problem-solving, we would love to speak with you about joining our team!

What are we looking for?

Join SetinelOne’s elite professional services division by becoming part of our proactive threat-hunting program. Our Threat Hunters serve our clients by utilizing the SentinelOne platform to identify potential malware, malicious behaviour, insider threats, security risk and hygiene issues that exist within client environments.

The Hunters’ goal is to identify threats, disrupt attacks prior to further damage occurring within a client environment, and advise for remediation as well as long-term security posture improvement. The incumbent will be responsible for identifying attack trends and threat intelligence by harvesting threat data generated by several million endpoints from across the globe.

This is an exciting opportunity to be a highly technical leader for this elite team of industry-renowned experts.  This role will lead a team of hunters, be a mentor driving effective client communication and reporting, and be a thought leader driving the future of detection engineering and hunt automations.  

What will you do?

• Lead threat hunt operations within the APJ region.
• Manage projects, deliverables, and ensure deadlines are met for threat hunting and intelligence operations.
• Drive quality control, mentorship, and guidance for team members.
• Participate as a key member of the global leadership team for threat hunting operations.  This role reports directly into the APJ region lead for all threat hunting and threat intelligence operations.
• Conduct proactive threat hunting services for SentinelOne clients
• Build, evolve, and expand hunting tooling, techniques and use-cases
• Integrate relevant threat intelligence and dark web data into hunting operations
• Advise engineering team on platform enhancements to further enable rapid and effective threat hunting
• Work closely with clients to remediate threats and improve long-term security posture

What skills and knowledge should you bring?

• At least 10 years experience in cyber security relevant roles like security engineering, SOC operations, system administration, digital forensic investigations, penetration testing, red teaming, threat intelligence, network threat hunting, or malware analysis
• At least 3 years managing security experts and operations
• Experience working with big data manipulation, management, and efficient querying
• Deep knowledge of detection engineering and creating innovative methods of identifying sophisticated attack patterns
• Experience in threat hunting via endpoint focused threat hunting
• Strong knowledge in Python scripting, including:
• API integration
• DB integration
• data manipulation 
• Multiprocessing   
• Working knowledge of git
• Working knowledge on utilising CTI tools for data enrichment
• Working experience with GCP and Amazon Cloud solutions
• Experience with working under Scrum regime
• Ability to create code with the best Python practices
• Ability to work with large datasets to get valuable and vital information
• Strong understanding of common malware activity on endpoints
• Knowledge of MITRE ATT&CK framework and known APT group activity
• Operating system internals knowledge (Windows, Linux, OSX)
• Experience utilizing EDR technologies
• Experience with working with Cyber threat Intelligence tools and data
• Knowledge of OSINT tools and techniques

SentinelOne is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.

SentinelOne participates in the E-Verify Program for all U.S. based roles.