Wayfinder Threat Hunting Intern

SentinelOne is a company at the intersection of AI and security, pioneering a new operating model for cybersecurity. They focus on AI-native protection across endpoint, cloud, identity, data, and AI systems, aiming to reduce noise, simplify complexity, and empower security teams.

Location: Remote (US)

Salary: $25—$25 USD

Responsibilities

• Assist with threat hunting and hunt content: Help design and refine hypotheses‑driven hunts and reusable rules aligned with the MITRE ATT&CK framework, with a strong emphasis on EDR telemetry across Windows, macOS, and Linux.
• Support execution of proactive hunts across endpoints and related telemetry to uncover living‑off‑the‑land techniques, stealthy persistence, and other advanced adversary behavior.
• Support emerging threat response and periodic hunts: Contribute to research on emerging threats, map relevant TTPs, and draft focused hunt logic and validation steps.
• Assist with preparing and running Emerging Threat and hypothesis‑based campaigns across client environments.
• Curate and operationalize relevant IOCs/TTPs from CTI, Labs research, and OSINT into hunts and platform detections.
• Support efforts to identify coverage gaps and propose additions or exclusions.
• Review batched hunt findings, assist with initial triage, enrichment, and classification.
• Partner with supporting teams to share observations about hunt findings and candidate rules.
• Document investigative hypotheses, methodology, and findings.
• Assist in drafting technical summaries and reports.
• Help maintain and update team playbooks and SOPs.

Requirements

• Strong written and verbal communication skills.
• Progress toward a degree in Computer Science, Cybersecurity, or related field, or equivalent experience.
• Foundational experience with security operations concepts, EDR/XDR, SIEM, or threat hunting.
• Comfort working with EDR‑style telemetry and interested in turning telemetry into hunts and detections.
• Basic proficiency with scripting or query languages (Python, PowerShell, Bash, SQL, etc.).
• Exposure to MITRE ATT&CK or similar frameworks.
• Growth mindset, attention to detail, and willingness to work within structured processes.

Benefits

• 1:1 mentorship
• Opportunity to work on challenging projects
• Training and Development opportunities
• Connections to other recent grads and employees
• Leadership speaker series
• Fun events

Additional Information

• This role is part of the Summer 2026 Internship Cohort, running June 8 – August 14, 2026.
• This U.S. role has a base pay range of $25—$25 USD, with variations based on location.