Staff DFIR Investigator
United States - Remote
Full Time Senior-level / Expert USD 148K - 190K
SentinelOne
SentinelOne vereint Endpunkt-, Cloud-, Identitäts- und Datensicherheit. Angereichert durch unseren Security Data Lake für eine nahtlose und effiziente Cybersecurity.About Us:
SentinelOne is defining the future of cybersecurity through our XDR platform that automatically prevents, detects, and responds to threats in real-time. Singularity XDR ingests data and leverages our patented AI models to deliver autonomous protection. With SentinelOne, organizations gain full transparency into everything happening across the network at machine speed – to defeat every attack, at every stage of the threat lifecycle.
We are a values-driven team where names are known, results are rewarded, and friendships are formed. Trust, accountability, relentlessness, ingenuity, and OneSentinel define the pillars of our collaborative and unified global culture. We're looking for people that will drive team success and collaboration across SentinelOne. If you’re enthusiastic about innovative approaches to problem-solving, we would love to speak with you about joining our team!
What are we looking for?
SentinelOne’s Vigilance DFIR team conducts digital forensic investigations and threat hunting operations for global clients. Our team provides multiple levels of proactive and reactive services to our clients to include incident readiness assessments, table-top exercises, purple-team activities, full-breach investigation, malware analysis, and hunting operations. The selected candidate will be an experienced investigator and endpoint-based hunter with superior technical and customer services skills.
What will you do?
- Accountable to ensure excellence in every engagement, to include scoping, forensic analysis, reporting, hunting, remediation consulting, and client communication.
- Contribute as a lead investigator for engagements. Manage all aspects of a breach response and containment investigation.
- Technical investigative skills must include host-based forensic analysis, EDR-driven incident response, malware analysis, memory analytics, and network log investigations.
- Provide detailed and impactful formal investigative reports, to include technical findings and security improvement recommendations.
- Provide additional IR services, to include:
- Incident Response Assessments
- Table-top exercises
- Purple-teaming
- Work closely with the threat intelligence team to pursue attribution, identify attack trends, innovative malicious TTPs, and contribute to community-facing publications and blogs.
What skills and knowledge should you bring?
- 2+ years of hands-on consulting experience in threat hunting, digital forensics, and incident response.
- Expert level experience with forensic investigative software (Axiom Cyber preferred).
- Experience with EDR/XDR platforms (SentinelOne preferred).
- Experienced conducting dynamic malware analysis and understanding of the reverse engineering process.
- Experience with memory analytics (Volatility Preferred).
- Experience or knowledge of conducting endpoint based threat hunting (compromise assessments).
- Experience working with cyber threat intelligence platforms and the threat intelligence process from raw attack data to finished intel and publications.
Why us?
You will be joining a cutting-edge company, where you will tackle extraordinary challenges and work with the very best in the industry.
- Medical, Vision, Dental, 401(k), Commuter, Health and Dependent FSA
- Unlimited PTO
- Industry leading gender-neutral parental leave
- Paid Company Holidays
- Paid Sick Time
- Employee stock purchase program
- Disability and life insurance
- Employee assistance program
- Gym membership reimbursement
- Cell phone reimbursement
- Numerous company-sponsored events including regular happy hours and team building events
locations, a different pay range may apply. If so, this range will be provided to you during the recruiting
process. You can also reach out to the recruiter with any questions.
Base Salary Range$148,000—$190,000 USD
SentinelOne is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.
SentinelOne participates in the E-Verify Program for all U.S. based roles.
Tags: Analytics DFIR EDR Forensics Incident response Malware Reverse engineering Threat intelligence TTPs XDR
Perks/benefits: Career development Fitness / gym Health care Insurance Medical leave Parental leave Team events Transparency Unlimited paid time off
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Officer jobs
- Open Information Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Cyber Security Specialist jobs
- Open Manager Pentest H/F jobs
- Open Cybersecurity Analyst jobs
- Open Product Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Security Specialist jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Penetration Tester jobs
- Open IT Security Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open IT Security Engineer jobs
- Open Security Operations Analyst jobs
- Open Cybersecurity Specialist jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open CISA-related jobs
- Open Threat intelligence-related jobs
- Open SaaS-related jobs
- Open Security assessment-related jobs
- Open APIs-related jobs
- Open Malware-related jobs
- Open Java-related jobs
- Open Forensics-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open CEH-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs