Used Tools & Technologies
Not specified
Required Skills & Competences
Each tag name is followed by an "@" symbol and a proficiency level value.
About proficiency levels:
- 1-2 — basic awareness. Minimal hands-on experience, and a rudimentary understanding of the technology's purpose;
- 3-6 — daily use. Comfortable and regular usage, capable of handling common tasks and challenges related to the technology;
- 7-9 — you are an expert, you can teach others, you know all the pitfalls and tricks;
- 10 — exceptional knowledge, comprehensive understanding, and adeptness in all aspects of the technology, including advanced problem-solving. Think twice before claiming or demanding such a level.
Security @ 4
Python @ 7
SQL @ 7
Distributed Systems @ 4
Communication @ 4
API @ 4
AI @ 4
Details
At SentinelOne, we are driven by a clear purpose: to give the advantage to those who secure our future. As AI reshapes how organizations build, operate, and innovate, the responsibility to protect them becomes more critical than ever. When you join SentinelOne, your work helps protect global enterprises, critical infrastructure, and the technologies shaping tomorrow.
This role is part of the Wayfinder MDR team and focuses on designing, building, and operating the automation layer that powers MDR. The role is engineering- and automation-focused (not alert triage) and works closely with Threat Service Engineers (TSEs), SOC analysts, Threat Hunters, and R&D teams to convert manual SOC processes into scalable, reliable, production-grade automation workflows.
Responsibilities
- Design, develop, and maintain hyperautomation workflows that support alert triage, enrichment, investigation, and response.
- Convert SOC playbooks, investigation logic, and threat-hunting processes into automated, production-grade workflows.
- Identify repetitive or high-volume SOC tasks and implement automation to improve efficiency and consistency.
- Build and maintain integrations with internal platforms and third-party security tools using APIs, webhooks, and event-driven mechanisms.
- Collaborate with Threat Service Engineers (TSEs) and SOC teams to fine-tune detections and automation logic.
- Improve and optimize MDR operational processes for fast response and effective threat mitigation.
- Own automation workflows end-to-end: design, deployment, monitoring, troubleshooting, and continuous improvement.
- Create and maintain automation playbooks, templates, and best practices for incident response at scale.
- Provide operational feedback to R&D and product teams to shape future detection and response capabilities.
Requirements
- 5+ years of experience in Security Engineering, Automation Engineering, SOC Tooling, Backend Engineering, or similar technical roles.
- Strong experience with Python (required); experience with SQL is highly preferred.
- Experience building and operating automation workflows or backend services in production environments.
- Solid understanding of SOC operations, incident response workflows, and security alert lifecycles.
- Experience working with APIs, integrations, webhooks, and distributed systems.
- Strong problem-solving skills and the ability to translate operational challenges into scalable engineering solutions.
- Professional written and verbal communication skills; ability to manage multiple workstreams and prioritize in a fast-paced environment.
Benefits
- Restricted Stock Units (RSUs) and Employee Stock Purchase Plan (ESPP)
- Flexible time off; paid company holidays and paid sick time; gender-neutral parental leave; grandparent leave
- Medical, dental, and vision coverage; 401(k) with company match; life and disability insurance; FSAs
- Voluntary benefits (hospital, accident, critical illness); Employee Assistance Program (EAP); ARAG pre-paid legal; nationwide pet insurance; Cancer Care program; global business travel medical insurance
- Home office allowance; mobile phone reimbursement
- Wellness coach; wellness/gym reimbursement; fertility coverage; adoption & surrogacy reimbursement
Compensation
- On Target Earnings (OTE): $108,000—$140,000 USD (OTE includes base salary and commissions). The posted range is for U.S. candidates; a different pay range may apply for some locations and will be provided during recruiting.
SentinelOne participates in the E-Verify Program for all U.S.-based roles and is an Equal Employment Opportunity and Affirmative Action employer.