SentinelOne
About Us
At SentinelOne, we’re redefining cybersecurity by pushing the limits of what’s possible—leveraging AI-powered, data-driven innovation to stay ahead of tomorrow’s threats.
From building industry-leading products to cultivating an exceptional company culture, our core values guide everything we do. We’re looking for passionate individuals who thrive in collaborative environments and are eager to drive impact. If you’re excited about solving complex challenges in bold, innovative ways, we’d love to connect with you.
About the role
SentinelOne’s Vigilance DFIR team conducts digital forensic investigations and threat hunting operations for global clients. Our team provides multiple levels of proactive and reactive services to our clients, including incident readiness assessments, table‑top exercises, purple‑team activities, full‑breach investigation, malware analysis, and hunting operations. The selected candidate will be an experienced investigator and endpoint‑based hunter with superior technical and customer service skills.
What are we looking for?
SentinelOne’s DFIR team conducts digital forensics investigations, incident response, and breach readiness engagements for global clients. Our team provides comprehensive proactive and reactive services, including incident readiness assessments, tabletop exercises, purple‑team activities, full‑breach investigations, malware analysis, and threat‑hunting operations. This role will support the active DFIR services, managing the overall success of cyber incident investigations. In this role, you will work with our global team of DFIR analysts and serve as the point of contact with customers throughout the entirety of an investigation. The ideal candidate will be an experienced leader with technical expertise and exceptional client management skills.
What will you do?
Lead business development activities including scoping, requirements gathering, and contract development
Collaborate with account teams and internal and external legal counsel to ensure service agreements and statements of work are in place
Handle high‑stakes client interactions involving legal counsel or executive stakeholders
Oversee active DFIR investigations, ensuring exceptional quality and timeliness of deliverables
Establish and maintain clear communication channels with all stakeholders
Manage DFIR investigation objectives, timelines, and resource allocation
Coordinate cross‑functional teams including internal resources and external vendors
Handle escalations and resolve technical or operational challenges
Ensure proper evidence handling and documentation throughout investigations
Maintain oversight of case documentation and artifact archival
Ensure adherence to standard operating procedures and best practices
Lead post‑engagement reviews and process improvement initiatives
Conduct technical analysis including endpoint forensics, log analysis, and threat‑hunting when required
Maintain flexibility with schedule and participate in weekend and holiday on‑call schedule
Adopt and follow our core values amongst the team:
Trust – We earn our clients’ trust via technical expertise and a customer‑first mindset.
Accountability – Every team member contributes to our group success via diligently fulfilling their assigned duties.
Collaboration – The DFIR team works closely with our threat intelligence, research, MDR, and product teams to ensure the success of every investigation.
Relentlessness – We will leave no stone unturned to provide outstanding service and fulfill our client's needs.
Ingenuity – If no tool or process exists to enable our investigations and hunts, then we will create one. There is always a way to improve existing methodologies.
Community – The DFIR team supports each other as we grow and improve ourselves and our service.
What skills and knowledge should you bring?
5+ years of hands‑on consulting experience in digital forensics and incident response
Proven track record of managing complex incident response engagements
Expert‑level experience with industry‑standard forensic tools and methodologies
Strong understanding of and experience with EDR/XDR platforms and security technologies
Experience conducting malware analysis and memory forensics preferred
Demonstrated experience in endpoint‑based threat‑hunting and compromise assessments
Experience working with cyber threat intelligence platforms and processes
Excellence in client communication and relationship management
Experience working with legal teams and insurance carriers
Strong project management and team leadership skills
Industry certifications (GCFE, GCFA, CFCE, EnCE, or similar) preferred
Active participation in the security community through speaking engagements or publications preferred
Evident self‑starter with intellectual curiosity and the ability to adapt to change
Why us?
You will be joining a cutting‑edge company, where you will tackle extraordinary challenges and work with the very best in the industry.
Medical, Vision, Dental, 401(k), Commuter, Health and Dependent FSA
Unlimited PTO
Industry-leading gender‑neutral parental leave
Paid Company Holidays
Paid Sick Time
Employee stock purchase program
Disability and life insurance
Employee assistance program
Gym membership reimbursement
Cell phone reimbursement
Numerous company‑sponsored events including regular happy hours and team building events
This U.S. role has a base pay range that will vary based on the location of the candidate. For some locations, a different pay range may apply. If so, this range will be provided to you during the recruiting process. You can also reach out to the recruiter with any questions.
Base Salary Range $128,800 — $150,000 USD
SentinelOne is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.
SentinelOne participates in the E‑Verify Program for all U.S. based roles.