Staff Threat Researcher

SentinelOne is seeking a highly motivated and skilled Staff Threat Researcher to join their team. The ideal candidate should have a solid background in cybercrime investigation/threat research, including Linux and/or Cloud, and malware analysis. The Staff Threat Researcher will be responsible for conducting in-depth research and analysis of emerging and existing threats, providing actionable intelligence for detection, and leveraging their deep understanding of the tactics, techniques, and procedures used by ransomware operators and their ecosystem.

Requirements

• Expertise in malware analysis (both static and dynamic), reverse engineering, unpacking, and deobfuscation using tools like IDA Pro, Ghidra, x64dbg, and behavioral sandboxes (Cuckoo, CAPE, etc.).
• Strong understanding of endpoint security technologies, especially EDR platforms and the internal workings of how detection signals are generated and triaged.
• Deep knowledge of operating system internals (Windows, Linux), including memory management, process/thread architecture, registry, and system calls.
• Experience with cloud security research/ cloud threat hunting or IR/ cloud pentesting or redteaming; and with cloud threat detection and cloud-native telemetry (AWS, Azure, GCP).
• Proficient in threat intelligence frameworks and methodologies, including the Diamond Model, MITRE ATT&CK, Kill Chain, and mapping TTPs to coverage and detection gaps.
• Strong data analysis and pattern recognition skills, able to sift through telemetry, logs, and artifacts to derive meaningful insights that drive detection hypotheses and logic.
• Skilled in programming/scripting for automation, analysis, and detection logic generation (mostly Python)
• Experience building and maintaining threat hunting playbooks, leveraging endpoint telemetry, behavior analytics, and threat intelligence to operationalize continuous threat detection.
• Comprehensive understanding of threat actor behaviors, intrusion sets, and motivations and their tooling/ecosystem.

Benefits

• Flexible working hours, 100% remote role based within Spain
• Optional membership in major coworking chains
• Generous employee stock plan in the form of grant of RSUs (restricted stock units), not options
• Yearly bonus depending on the performance of the company, paid out in 2 installments
• 30 Days of Paid Annual Leave
• Flexible Paid Sick Days
• Pension insurance contribution
• Premium Life Insurance covered by S1
• Premium Medical & Dental Insurance covered by S1
• Meal, Transport & Homeoffice allowance of total 440 EUR/month
• Global gender-neutral Parental Leave (16 weeks, beyond the leave provided by the local laws) & Grandparent Leave
• Volunteering paid day off & Additional paid Company holidays off
• Global Employee Assistance Program (confidential counseling related to both personal and work life matters)
• Udemy Business platform for Hard/Soft skills Training & Support for your further educational activities/trainings
• Above-standard referral bonus
• Additional country-specific benefits to Spain

Originally posted on Himalayas