Windows Detection Engineering Manager - Sentinellabs
- Company: Sentinellabs
- Location: Israel
- Technologies: C++23, scripting in Lua
Job description
You will manage a team of detection engineers and guide them through the research and development of detection rules and infrastructure.
You will be responsible for driving the detection of the newest malware and exploits on SentinelOne's Endpoint Protection platform. Your role won't end with a hypothesis or a document: you will have end-to-end responsibility for behavior-based detection capabilities, from leading the prior research and designing new methods to detect or prevent those threats, through to implementing them in the product (software development in C++23 and scripting in Lua).
You will be leading the development and research of attack tools, PoCs, and the discovery of new ways to detect/prevent exploitation attacks (EoP, drive-by attacks, and more).
At the end of the day, your deliveries will enhance the security of dozens of millions of Windows endpoints, which are protected by our platform.
You will meet extraordinary challenges facing the newest attacks and tech obstacles, and overcome them. You will work with the very BEST in the industry in a flexible and independent environment. You will influence the design of a disruptive product that will shape the security industry of tomorrow.
Requirements
Proven experience in leading a team of researchers or detection engineers
Experience in writing behavioral detection rules - understanding how to detect low-level malicious techniques while evaluating the rule’s efficacy
Proven experience with reverse engineering of x86/x64/ARM binaries
Several years of experience in malware analysis (statically and dynamically)
Excellent understanding of Windows internals - how core system components (processes and threads, virtual memory, and more) work behind the scenes
An advantage: modern C++ experience and an understanding of the internals of existing AV products
Restricted Stock Units (RSUs)
Employee Stock Purchase Plan (ESPP)
Competitive leave benefits
Gender-neutral parental leave
Employee Assistance Program
Workout sessions and a Wellness App
Medical and insurance benefits
Pension
Employee Assistance Program (EAP)
Global home office allowance
Mobile phone reimbursement