Linux Security Researcher

Agents & Platforms Tel Aviv-Yafo, Tel Aviv-Yafo


SentinelOne is shaping the future of endpoint security through its unified, converged platform that automatically prevents, detects, and responds to threats in real-time. Our unique approach is based on deep inspection of all system processes combined with innovative machine learning to quickly isolate malicious behaviors, protecting devices against advanced, targeted threats in real time.

What are we looking for?

We are looking for talented Linux researchers, people who love Kernel and low level, who live to beat the system and challenge it. People who are in a pursuit to outsmart the malware and overcome it. If you’re doing CTFs all day long, we’re looking for you.

 Why us?

Because you will meet extraordinary challenges facing the newest malware and tech obstacles and overcoming them. You will work with the very BEST in the industry in a flexible and independent environment.

You will be a key player in dreaming and creating the best Linux AV in the world (!)

What will you do?

You will be responsible for Reversing the newest malware and exploits and designing methods to detect malware types using OS monitoring, extensive user data and in house malware instrumentation lab.

You will be developing and using internal research tools and frameworks, Creating POCs and inventing ways to prevent exploitation of complete types of attacks (stack pivots, use after free, etc).

You will explore Linux internals on a daily basis and learn how different subsystems really work.

You will also be encouraged to write white papers, blogs and articles (but only if wishes to)

What experience or knowledge should you bring?

  • 4+ years of deep reverse engineering experience (IDA python scripts / embedded / etc)
  • Extensive familiarity with the malware world (how malware operate, infamous families)
  • Familiarity with Linux internal
  • Python, C, and C++ development skills
  • A problem-solver type of person
  • Understanding of existing AV software internals - Advantage
  • Previous experience working as part of a research team - Advantage

SentinelOne is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.