[Remote] Staff DFIR Analyst
Note: The job is a remote job and is open to candidates in USA. SentinelOne is redefining cybersecurity by leveraging AI-powered, data-driven innovation to combat future threats. The role involves conducting digital forensic investigations and threat hunting operations for global clients, ensuring excellence in engagements, and managing breach response investigations.
Responsibilities
ā¢ Accountable to ensure excellence in every engagement, to include scoping, forensic analysis, reporting, hunting, remediation consulting, and client communication
ā¢ Contribute as a lead investigator for engagements
ā¢ Manage all aspects of a breach response and containment investigation
ā¢ Technical investigative skills must include host-based forensic analysis, EDR-driven incident response, malware analysis, memory analytics, and network log investigations
ā¢ Provide detailed and impactful formal investigative reports, to include technical findings and security improvement recommendations
ā¢ Work closely with the threat intelligence team to pursue attribution, identify attack trends, innovative malicious TTPs, and contribute to community-facing publications and blogs
Skills
ā¢ 4+ years of hands-on consulting experience in threat hunting, digital forensics, and incident response
ā¢ Technical investigative skills must include host-based forensic analysis, EDR-driven incident response, malware analysis, memory analytics, and network log investigations
ā¢ Provide detailed and impactful formal investigative reports, to include technical findings and security improvement recommendations
ā¢ Work closely with the threat intelligence team to pursue attribution, identify attack trends, innovative malicious TTPs, and contribute to community-facing publications and blogs
ā¢ Experience or knowledge of conducting endpoint based threat hunting (compromise assessments)
ā¢ Experience working with cyber threat intelligence platforms and the threat intelligence process from raw attack data to finished intel and publications
ā¢ Expert level experience with forensic investigative software (X-Ways or Axiom Cyber preferred)
ā¢ Experience with EDR/XDR platforms (SentinelOne preferred)
ā¢ Experienced conducting dynamic malware analysis and understanding of the reverse engineering process (preferred)
ā¢ Experience with memory analytics (Volatility Preferred)
Benefits
ā¢ Medical, Vision, Dental, 401(k), Commuter, Health and Dependent FSA
ā¢ Unlimited PTO
ā¢ Industry leading gender-neutral parental leave
ā¢ Paid Company Holidays
ā¢ Paid Sick Time
ā¢ Employee stock purchase program
ā¢ Disability and life insurance
ā¢ Employee assistance program
ā¢ Gym membership reimbursement
ā¢ Cell phone reimbursement
ā¢ Numerous company-sponsored events including regular happy hours and team building events
Company Overview
ā¢ SentinelOne is an autonomous cybersecurity solution company. It was founded in 2013, and is headquartered in Mountain View, California, USA, with a workforce of 1001-5000 employees. Its website is http://www.sentinelone.com.
Company H1B Sponsorship
ā¢ SentinelOne has a track record of offering H1B sponsorships, with 13 in 2025, 14 in 2024, 2 in 2023, 18 in 2022, 5 in 2021. Please note that this does not guarantee sponsorship for this specific role.
Apply Now
Apply Now
Responsibilities
ā¢ Accountable to ensure excellence in every engagement, to include scoping, forensic analysis, reporting, hunting, remediation consulting, and client communication
ā¢ Contribute as a lead investigator for engagements
ā¢ Manage all aspects of a breach response and containment investigation
ā¢ Technical investigative skills must include host-based forensic analysis, EDR-driven incident response, malware analysis, memory analytics, and network log investigations
ā¢ Provide detailed and impactful formal investigative reports, to include technical findings and security improvement recommendations
ā¢ Work closely with the threat intelligence team to pursue attribution, identify attack trends, innovative malicious TTPs, and contribute to community-facing publications and blogs
Skills
ā¢ 4+ years of hands-on consulting experience in threat hunting, digital forensics, and incident response
ā¢ Technical investigative skills must include host-based forensic analysis, EDR-driven incident response, malware analysis, memory analytics, and network log investigations
ā¢ Provide detailed and impactful formal investigative reports, to include technical findings and security improvement recommendations
ā¢ Work closely with the threat intelligence team to pursue attribution, identify attack trends, innovative malicious TTPs, and contribute to community-facing publications and blogs
ā¢ Experience or knowledge of conducting endpoint based threat hunting (compromise assessments)
ā¢ Experience working with cyber threat intelligence platforms and the threat intelligence process from raw attack data to finished intel and publications
ā¢ Expert level experience with forensic investigative software (X-Ways or Axiom Cyber preferred)
ā¢ Experience with EDR/XDR platforms (SentinelOne preferred)
ā¢ Experienced conducting dynamic malware analysis and understanding of the reverse engineering process (preferred)
ā¢ Experience with memory analytics (Volatility Preferred)
Benefits
ā¢ Medical, Vision, Dental, 401(k), Commuter, Health and Dependent FSA
ā¢ Unlimited PTO
ā¢ Industry leading gender-neutral parental leave
ā¢ Paid Company Holidays
ā¢ Paid Sick Time
ā¢ Employee stock purchase program
ā¢ Disability and life insurance
ā¢ Employee assistance program
ā¢ Gym membership reimbursement
ā¢ Cell phone reimbursement
ā¢ Numerous company-sponsored events including regular happy hours and team building events
Company Overview
ā¢ SentinelOne is an autonomous cybersecurity solution company. It was founded in 2013, and is headquartered in Mountain View, California, USA, with a workforce of 1001-5000 employees. Its website is http://www.sentinelone.com.
Company H1B Sponsorship
ā¢ SentinelOne has a track record of offering H1B sponsorships, with 13 in 2025, 14 in 2024, 2 in 2023, 18 in 2022, 5 in 2021. Please note that this does not guarantee sponsorship for this specific role.
Apply Now
Apply Now