Threat Analyst

Our Vigilance team is an elite force of cyber security experts providing a Managed Detection and Response (MDR) service to our largest customers. We drive a world class program of threat monitoring, hunting, and response services. We play a crucial role in keeping our top tier customers protected providing an additional level of security and confidence, by leveraging SentinelOne’s unique Intelligence and research resources. Our Vigilance service is a key contributor in shaping the SentinelOne roadmap, working hand and hand with the Product Managers and various R&D teams.

What will you do?

• Collaborate  with our global team to proactively monitor, and review threats and suspicious events for a variety of customers, from SMB to the largest Fortune 10 enterprises.
• The days will vary greatly, but will predominantly include investigation of alerts, triage, deep dive analysis followed by developing remediation plans.
• Collect threat data from various sources to provide an analysis and respond to the customer within a short time window. 
• Hunt and search for known and unknown attacker actions in a customer environment using SentinelOne’s unique threat hunting suite and other available tools.
• Support various customer security teams to investigate and contain threats or resolve security issues.
• Build close relationships with the SentinelOne Research and Development teams to improve detection abilities and research new attack trends.
• Provide professional input to design and develop tools for our internal use. 
• Some shift work will be required to help with 'follow the sun' model for customer hand off and support. 

What experience or knowledge are we looking for?

• We are looking for a team-player, ready to work with the best security researchers out there, not afraid to dive into complex and challenging security incidents and provide best in its class MDR services.
• 4 years experience in Technical Support or SOC operation in a cyber security company.
• Strong network and security knowledge or certification is desired.
• Significant experience with threat research in the Windows environment.
• Hands-on experience in dynamic malware analysis.
• Experience with data ingesting technologies (i.e. Splunk)
• Experience with SQL and\or NoSQL queries.
• Excellent customer-oriented individual, a problem solver. 
• Experience with host base (endpoint agent), or sandbox (network-based) security solutions is preferred. 
• Multi-OS support experience: Windows, Mac & Linux (mobile platforms - an advantage).
• Incident Response experience would be ideal.
• Professional and articulate with excellent written communication skills.
• Ability to multitask and prioritise.
• Team player, willing to learn as well as teach in a team environment.