MDR Threat Analyst

Phoenix, Arizona, United States

SentinelOne

SentinelOne unites endpoint, cloud identity and data protection in a single solution which, together with the Security Data Lake, enables seamless and efficient cybersecurity.


About Us:

SentinelOne is defining the future of cybersecurity through our XDR platform that automatically prevents, detects, and responds to threats in real-time. Singularity XDR ingests data and leverages our patented AI models to deliver autonomous protection. With SentinelOne, organizations gain full transparency into everything happening across the network at machine speed – to defeat every attack, at every stage of the threat lifecycle. 

We are a values-driven team where names are known, results are rewarded, and friendships are formed. Trust, accountability, relentlessness, ingenuity, and OneSentinel define the pillars of our collaborative and unified global culture. We're looking for people that will drive team success and collaboration across SentinelOne. If you’re enthusiastic about innovative approaches to problem-solving, we would love to speak with you about joining our team!

What are we looking for?

We are looking for an experienced threat detection and response practitioner to support the detection and threat intelligence capabilities of our Managed Detection & Response (MDR) service. You’ll drive continuous improvement in our threat detection coverage and quality, ensuring that our 24x7 team of experts is able to effectively protect our customers by detecting and responding to threats early in the kill chain, across a wide range of attack surfaces. You’ll partner closely with other SentinelOne teams responsible for tracking new threat actors, TTPs and IOCs, and other emerging threats.

What will you do?

  • Detection Engineering: Responsible for the curation of all MDR detection capabilities in order to maximize threat detection coverage while minimizing overall alert volume, including:
    • Ongoing reporting and analysis of the efficacy of all existing detection capabilities.
    • Partnering with SentinelOne detection engineering and threat intelligence teams to improve these detection capabilities, as needed.
    • Proactively identifying additional detection capabilities/sources for possible inclusion in MDR service scope.
  • Emerging Threat Response support:
    • Supporting the overall SentinelOne response to new emerging threats (such as ‘zero day’ vulnerabilities and supply chain attacks).
    • Partnering with other internal stakeholders to share information and coordinate the response to these emerging threats.
    • Identifying the appropriate actions that can be performed by the MDR team to effectively protect customers against these emerging threats.
    • Developing communications to customers about these emerging threats, and the steps we are taking to protect them.
  • Threat Intelligence:
    • Curate threat intelligence (IOCs and TTPs) identified by the MDR team, and partner with other teams to integrate this intelligence into SentinelOne products and services.
    • Integrate relevant threat intelligence and research from other SentinelOne groups into MDR operations.

What experience or knowledge should you bring?

  • At least 5 years of experience as a security operations practitioner, with a focus on one or more of the following areas: SOC operations, security monitoring, incident investigation and response, malware analysis, threat hunting, and threat intelligence.
  • A detailed technical understanding of the current threat landscape, including widely used attacker TTPs and prominent threat actor groups.
  • Prior experience developing and/or tuning existing detection capabilities (SIEM/EDR/NDR detections).
  • Previous Managed Services/MDR experience.
  • Previous experience developing operational metrics/dashboards/reports, with a focus on detection/alert fidelity.
  • Familiarity with the MITRE ATT&CK framework.

Why us?

You will be joining a cutting-edge company, where you will tackle extraordinary challenges and work with the very best in the industry.

  • Medical, Vision, Dental, 401(k), Commuter, Health and Dependent FSA
  • Unlimited PTO
  • Industry leading gender-neutral parental leave
  • Paid Company Holidays
  • Paid Sick Time
  • Employee stock purchase program
  • Disability and life insurance
  • Employee assistance program
  • Gym membership reimbursement
  • Cell phone reimbursement
  • Numerous company-sponsored events including regular happy hours and team building events


This U.S. role has a base pay range that will vary based on the location of the candidate. For some locations, a different pay range may apply. If so, this range will be provided to you during the recruiting process. You can also reach out to the recruiter with any questions.

Base Salary Range: $80,000 – $100,000 USD

SentinelOne is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.

SentinelOne participates in the E-Verify Program for all U.S. based roles.

Tags: EDR Malware MITRE ATT&CK Monitoring SIEM SOC Threat detection Threat intelligence TTPs Vulnerabilities XDR Zero-day

Perks/benefits: Career development Equity / stock options Fitness / gym Health care Insurance Medical leave Parental leave Startup environment Team events Transparency Unlimited paid time off

Region: North America
Country: United States
