Sr. DFIR Analyst
@ SentinelOne

Hybrid
$160,000
Full Time
Posted 16 hours ago

Job Details

About SentinelOne

At SentinelOne, we’re redefining cybersecurity by leveraging AI-powered, data-driven innovation to stay ahead of tomorrow’s threats. Our values drive us to build industry-leading products and cultivate an exceptional company culture. We seek passionate, collaborative individuals eager to drive impact.

What are we looking for?

The Vigilance DFIR team conducts digital forensic investigations and threat hunting operations for global clients. The team provides proactive and reactive services including incident readiness assessments, table-top exercises, purple-team activities, full-breach investigations, malware analysis, and hunting operations. We are looking for an experienced investigator and endpoint-based hunter with superior technical and customer service skills.

What will you do?

  • Lead investigations including scoping, forensic analysis, reporting, hunting, remediation consulting, and client communication.
  • Manage all aspects of breach response and containment investigations.
  • Perform host-based forensic analysis, EDR-driven incident response, malware analysis, memory analytics, and network log investigations.
  • Provide detailed investigative reports with technical findings and security recommendations.
  • Conduct additional IR services, including incident response assessments, table-top exercises, and purple-teaming activities.
  • Collaborate with the threat intelligence team to identify trends, attack techniques, and contribute to publications.

Skills and Knowledge

  • 2+ years hands-on consulting experience in threat hunting, digital forensics, and incident response.
  • Expert-level use of forensic investigative software (Axiom Cyber preferred).
  • Experience with EDR/XDR platforms (SentinelOne preferred).
  • Skilled in dynamic malware analysis and reverse engineering processes.
  • Experience in memory analytics (Volatility preferred) and endpoint threat hunting.
  • Knowledge of working with cyber threat intelligence platforms, from raw data to finished intel.

Why SentinelOne?

You will join a cutting-edge company solving extraordinary challenges with top industry professionals. Benefits include Medical, Vision, Dental, 401(k), Commuter benefits, Health and Dependent FSA, Unlimited PTO, gender-neutral parental leave, Paid Holidays and Sick Time, Employee stock purchase program, Disability and life insurance, Employee assistance, Gym and Cell phone reimbursement, and many company-sponsored events.

This U.S. role has a base pay range of $128,800 to $160,000 USD, depending on candidate location. Exact details will be provided during recruiting.

Equal Employment Opportunity

SentinelOne is an Equal Employment Opportunity and Affirmative Action employer. All qualified applicants are encouraged to apply.

Key skills/competency

  • Digital Forensics
  • Incident Response
  • Threat Hunting
  • Malware Analysis
  • Forensic Software
  • EDR Platforms
  • Memory Analytics
  • Client Communication
  • Breach Investigation
  • Cyber Threat Intelligence

How to Get Hired at SentinelOne

🎯 Tips for Getting Hired

  • Customize your resume: Emphasize DFIR and threat hunting skills.
  • Highlight technical tools: List forensic and EDR software expertise.
  • Research SentinelOne culture: Understand their innovation and values.
  • Prepare for scenarios: Practice breach response and analysis questions.

📝 Interview Preparation Advice

Technical Preparation

  • Review forensic tools and EDR platforms.
  • Practice memory analytics and malware analysis.
  • Understand host and network forensic techniques.
  • Study breach response and incident handling protocols.

Behavioral Questions

  • Describe handling challenging forensic cases.
  • Explain teamwork during breach investigations.
  • Discuss communication with non-technical clients.
  • Share experiences adapting to new threats.
