Windows Internals Engineer- Detection Team

R&D Tel Aviv-Yafo, Tel Aviv-Yafo


SentinelOne was founded in 2013 by an elite group of cyber-security and defense experts.
In our R&D offices in TLV, we develop a next-gen endpoint and server protection SW product that uses several layers of protection, including behavioral analysis (with ML on the collected data), anti-exploitation, traps and more in order to stop zero-day attacks that other vendors simply can’t. 
It also provides unparalleled threat visibility at a minimum system impact.

What are we looking for?

Over the top talented people who are capable to lead a feature through the whole development lifecycle. People that can explore, design, recommend and develop from scratch innovative ideas and drive a sophisticated product to production.

Why us?

Because you will work on real-world problems with risks of millions of dollars (protecting against Ransomware and other threats) and make an impact by preventing our customers from appearing in the global news after being attacked. You will be joining a technologically cutting-edge project and will be able to influence the architecture, design, and building of our core platform. You will meet extraordinary challenges and work with the very BEST in the industry. 

What will you do in the Detection Team?

You will have end-to-end responsibility for our Windows agent’s Detection Engine. This responsibility includes defining cutting edge detection techniques, developing an advanced data model to support those techniques, implement the decision-making engines and eventually keep building our remediation mechanism. All the above will run on the endpoint itself and must be implemented with minimal impact on the endpoint’s resources and users’ experience while using it. As part of your research and development cycles, you will be in continuous touch with the field and our customers in order to verify that we keep supplying them the best in category endpoint protection products.

What experience or knowledge should you bring?

  • 5+ years of experience as a software developer in a class A company or an elite technological army unit.
  • 3+ years' experience in C and\or C++.
  • Hands on experience and In-depth understanding of OS design and internals. (Windows Internals is an advantage)
  • Previous experience with security-oriented development, reversing or malware analysis experience – a MUST
  • Kernel development experience- a MUST
  • Proven ability to design and plan complicated software components
  • Deep understanding of data structures (theory and practical use)
  • Data oriented approach
  • Previous experience of working on a production-grade product with a wide scale deployment
  • Great communication skills
  • Deep familiarity with the malware knowledge domain
  • Modern C++ (11\14\17) is an advantage
  • Python is an advantage

SentinelOne is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.