
Threat Intelligence Engineering Lead, Tools (SentinelLabs)

United States - Remote

About Us:

SentinelOne is defining the future of cybersecurity through our XDR platform that automatically prevents, detects, and responds to threats in real-time. Singularity XDR ingests data and leverages our patented AI models to deliver autonomous protection. With SentinelOne, organizations gain full transparency into everything happening across the network at machine speed – to defeat every attack, at every stage of the threat lifecycle. 

We are a values-driven team where names are known, results are rewarded, and friendships are formed. Trust, accountability, relentlessness, ingenuity, and OneSentinel define the pillars of our collaborative and unified global culture. We're looking for people that will drive team success and collaboration across SentinelOne. If you’re enthusiastic about innovative approaches to problem-solving, we would love to speak with you about joining our team!

What are we looking for?

SentinelLabs is seeking an experienced and visionary Threat Intelligence Engineering Lead to head our engineering team, driving the design and development of cutting-edge threat intelligence tools and systems. In this leadership role, you’ll oversee the team responsible for building and refining our threat hunting and intelligence capabilities. You will serve as a technical authority and strategic partner to threat hunters, security researchers, larger engineering teams, and other stakeholders across the organization, transforming complex threat intelligence requirements into advanced, scalable solutions. Your guidance and expertise will be essential in defining engineering priorities, fostering team growth, and ensuring the quality and impact of our threat intelligence platform.

What will you do? 

As a Lead Threat Intelligence Engineer at SentinelLabs, your primary responsibilities will include:

  • Translate executive goals to tools and outputs while anticipating future needs, effectively sequencing development, and ensuring the right priority is met to the right standard.
  • Oversee the threat engineering team's daily operations, ensuring seamless functioning and high performance while codifying the strategic value of our findings into cross-company processes. You'll ensure that our threat intelligence tools align with SentinelLabs' strategic goals and drive actionable insights across teams.
  • Partner with threat hunters, security researchers, and cross-functional teams to translate their needs into technical specifications.
  • Guide your team in developing innovative tools that empower the broader threat intelligence and research functions.
  • Oversee the design and integration of tools within platforms like Vertex Synapse, incorporating internal tools and enrichments to support threat research workflows.
  • Rapidly prototype and refine tools to ensure they effectively support threat hunting processes and are seamlessly integrated into a repeatable pipeline.
  • Spearhead the creation of efficient telemetry enrichment and data curation systems, enhancing the collection, analysis, storage, tagging, and enrichment of indicators of compromise and other critical data.
  • Codify threat hunting processes to maximize the value of diverse and unique data sources, meaningfully contributing to SentinelLabs threat research.
  • Work closely with larger SentinelOne engineering and data teams.

What skills and knowledge should you bring?

  • Demonstrated experience leading high-performing technical operations, with a focus on fostering innovation, aligning with organizational goals, and achieving impactful outcomes.
  • Prefer 12+ years of progressive professional experience (or equivalent combination of experience, certifications, and education), with recent related experience leading teams or as a principal engineer driving threat intelligence tooling efforts.
  • Deep knowledge of threat intelligence platforms, particularly Vertex Synapse, and experience leveraging them for data enrichment and automation.
  • A solid understanding of threat hunting processes and the ability to codify these processes into repeatable, scalable pipelines that enhance the efficacy of threat research efforts.
  • Strong analytical skills, capable of dissecting complex problems, synthesizing actionable information from diverse data sources, and finding opportunities for novel correlation.
  • Experience in software development, with strong proficiency in Python and/or Go, especially in developing and maintaining tools for security applications.
  • Comfort with rapidly prototyping and iterating on tools to ensure they meet the evolving needs of threat hunters and security researchers.
  • Knowledge of security telemetry data management, including the collection, analysis, storage, tagging, and enrichment of indicators of compromise and associated data sources such as VirusTotal Intelligence/Stairwell, and types like passive DNS, netflow, and scanning.
  • Excellent communication and collaboration skills, able to work effectively with cross-functional teams and surmise technical requirements from diverse stakeholders.

Why us?

SentinelLabs is an industry-leading threat research team with a unique remit to openly contribute cutting-edge research to global cyber defense by combining world-class expertise and unparalleled access to threat data.

You will be joining a cutting-edge company where you will tackle extraordinary challenges and work with the very best in the industry.

  • Medical, Vision, Dental, 401(k), Commuter, Health and Dependent FSA
  • Unlimited PTO
  • Industry-leading gender-neutral parental leave
  • Paid Company Holidays
  • Paid Sick Time
  • Employee stock purchase program
  • Disability and life insurance
  • Employee assistance program
  • Gym membership reimbursement
  • Cell phone reimbursement
  • Numerous company-sponsored events, including regular happy hours and team-building events

This U.S. role has a base pay range that will vary based on the location of the candidate. For some locations, a different pay range may apply. If so, this range will be provided to you during the recruiting process. You can also reach out to the recruiter with any questions.

Base Salary Range: $204,000—$281,000 USD

SentinelOne is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.

SentinelOne participates in the E-Verify Program for all U.S. based roles. 

Job Profile

Regions

North America

Countries

United States

Benefits/Perks

Cell phone reimbursement Collaboration Commuter Company-sponsored events Cutting-edge company Dental Dependent FSA Disability and life Disability and Life Insurance Employee Assistance Program Employee Stock Purchase Employee Stock Purchase Program Extraordinary challenges Gender-neutral parental leave Gym Membership Reimbursement Health and Dependent FSA Insurance Life Insurance Medical Medical, Vision, Dental Paid company holidays Paid sick time Parental leave Sick time Stock Purchase Program Team success Unlimited PTO Vision

Tasks

  • Codify threat hunting processes
  • Develop innovative tools
  • Enhance data collection and analysis
  • Integrate tools within platforms
  • Lead engineering team
  • Oversee daily operations
  • Software development
  • Tools
  • Translate needs into technical specs

Skills

AI AI models Analytical Automation Collaboration Communication Cross-functional Collaboration Cybersecurity Data analysis Data Curation Data Enrichment DNS Engineering Go Innovation Integration Leadership Organizational Problem-solving Process Optimization Prototyping Python Recruiting Research Security Software Development Strategic planning Team Leadership Technical Technical Specifications Telemetry enrichment Threat Hunting Threat Intelligence Tool Development Vertex synapse XDR XDR platform

Experience

12 years

Education

Cybersecurity

Timezones

America/Anchorage America/Chicago America/Denver America/Los_Angeles America/New_York Pacific/Honolulu UTC-10 UTC-5 UTC-6 UTC-7 UTC-8 UTC-9