
Windows Detection Engineering Manager - Sentinellabs

  • Company: Sentinellabs
  • Location: Israel
  • Technologies: C++23, scripting in Lua

Job description

You will manage a team of detection engineers and guide them through the research and development of detection rules and infrastructure. You will be responsible for driving the detection of the newest malware and exploits on SentinelOne's Endpoint Protection platform. Your role won't end with a hypothesis or a document - you'll have end-to-end responsibility for behavior-based detection capabilities: leading the prior research, designing new methods to detect or prevent those attacks, and finally implementing them in the product (software development in C++23 and scripting in Lua). You will lead the development and research of attack tools and PoCs and the discovery of new ways to detect/prevent exploitation attacks (EoP, drive-by attacks, and more). At the end of the day, your deliveries will enhance the security of dozens of millions of Windows endpoints protected by our platform. You will meet extraordinary challenges posed by the newest attacks and technical obstacles, and overcome them. You will work with the very BEST in the industry in a flexible and independent environment. You will influence the design of a disruptive product that will shape the security industry of tomorrow.

Requirements

  • Proven experience in leading a team of researchers or detection engineers
  • Experience in writing behavioral detection rules - understanding how to detect low-level malicious techniques while evaluating the rule's efficacy
  • Proven experience with reverse engineering of x86/x64/ARM binaries
  • Several years of experience in malware analysis (static and dynamic)
  • Excellent understanding of Windows internals - understanding how core system components (processes and threads, virtual memory, and more) work behind the scenes
  • An advantage: modern C++ experience and understanding of existing AV internals

Benefits

  • Restricted Stock Units (RSUs)
  • Employee Stock Purchase Plan (ESPP)
  • Competitive leave benefits
  • Gender-neutral parental leave
  • Employee Assistance Program (EAP)
  • Workout sessions and a wellness app
  • Medical and insurance benefits
  • Pension
  • Global home office allowance
  • Mobile phone reimbursement
