Cyber Security Engineer - SentinelOne Implementation/Administration

About The Role

Deployment & Configuration

• Lead the end-to-end installation, configuration, and policy deployment of SentinelOne across diverse enterprise systems.
  

Administration & Maintenance

• Manage and maintain the SentinelOne management console and endpoint agents, ensuring optimal performance, version compliance, and operational health.
  

Troubleshooting & Root Cause Analysis

• Conduct Level 3 (L3) support for complex endpoint issues, performing deep-dive troubleshooting and forensic analysis to identify and resolve threats or system faults.
  

Threat Hunting & Incident Response

• Proactively identify, investigate, and respond to suspicious activities and security incidents using SentinelOnes EDR capabilities and forensic tools.
  

Integration With Security Ecosystem

• Integrate SentinelOne with SIEM/SOAR platforms (e.g., Splunk, QRadar, XSOAR) to improve alert correlation, response automation, and overall threat visibility.
  

Collaboration & Optimization

• Work closely with internal security teams and clients to fine-tune configurations, optimize detection rules, and adapt SentinelOne policies to evolving threat landscapes.
  

Documentation & Reporting

• Develop and maintain detailed documentation for deployment architectures, configuration standards, incident response procedures, and best practices.
  

Required Skills & Qualifications

• Minimum 5 years of experience in cybersecurity, with a strong focus on endpoint security and EDR platforms.
• Proven expertise in administering and implementing SentinelOne in large-scale enterprise environments.
• Deep understanding of cyber threat landscapes, malware analysis, and modern attack vectors.
• Strong knowledge of L3 troubleshooting, threat containment strategies, and incident response workflows.
• Experience with SIEM/SOAR integration and leveraging EDR telemetry for threat intelligence and automation.
• Familiarity with endpoint forensics, log analysis, and EDR-generated reporting and dashboards.
• Relevant industry certifications preferred, such as :
• SentinelOne Certified Admin/Engineer
• GIAC (GCFA, GCIA, GCIH)
• CompTIA Security+ / CySA+
• CEH / CISSP (optional, but advantageous)