Windows Internals Engineer - Detection Engine \ Infra Team
SentinelOne was founded in 2013 by an elite group of cyber-security and defense experts.
In our R&D offices in TLV, we develop a next-gen endpoint and server protection SW product that uses several layers of protection, including behavioral analysis (with ML on the collected data), anti-exploitation, traps and more in order to stop zero-day attacks that other vendors simply can’t.
It also provides unparalleled threat visibility at a minimum system impact.
What are we looking for?
Over the top talented people who are capable to lead a feature through the whole development lifecycle. People that can explore, design, recommend and develop from scratch innovative ideas and drive a sophisticated product to production.
Because you will work on real-world problems with risks of millions of dollars (protecting against Ransomware and other threats) and make an impact by preventing our customers from appearing in the global news after being attacked. You will be joining a technologically cutting-edge project and will be able to influence the architecture, design, and building of our core platform. You will meet extraordinary challenges and work with the very BEST in the industry.
We are looking for developers to join one of our two Windows Low-Level teams (as part of the Windows Agent group):
1. Infra Team
2. Detection Engine Team
What will you do in the Infra Team?
You will have an end-to-end ownership over our Windows agent’s core (Anti tampering, low-level activity sensors, deployment, persistence, injection, etc). Having an excellent core is our key success in availing the Detection and EDR teams to supply our customers the best value they can get from an endpoint security solution. As part of your research and development cycles, you will be in continuous touch with the field and our customers in order to verify that our EPP and EDR solution completely fit their needs and use cases.
What will you do in the Detection Engine Team?
You will have an end-to-end responsibility over our Windows agent’s Detection Engine. This responsibility includes defining cutting edge detection techniques, developing an advanced data model to support those techniques, implement the decision-making engines and eventually keep building our remediation mechanism. All the above will run on the endpoint itself and must be implemented with minimal impact on the endpoint’s resources and users’ experience while using it. As part of your research and development cycles, you will be in continuous touch with the field and our customers in order to verify that we keep supplying them the best in category endpoint protection product.
What experience or knowledge should you bring?
- 5+ years of experience as a software developer in a class A company or an elite technological army unit.
- 3+ years' experience in C and\or C++.
- Hands on experience and In-depth understanding of OS design and internals. (Windows Internals is an advantage)
- Proven ability to design and plan complicated software components
- Deep understanding of data structures (theory and practical use)
- Data oriented approach
- Previous experience of working on a production-grade product with a wide scale deployment
- Great communication skills
- Deep familiarity with the malware knowledge domain
- Kernel development experience- an advantage
- Previous experience with security-oriented development, reversing or malware analysis experience – an advantage
- Modern C++ (11\14\17) is an advantage
- Python is an advantage
SentinelOne is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.