Sr. Staff Back-End AppSec Lead
TLDR
Lead high-stakes security engagements, validate AI-generated findings, and enhance code scanning methodologies to improve security across customer systems.
Our Purpose
At SentinelOne, we are driven by a clear purpose: to give the advantage to those who secure our future. As AI reshapes how organizations build, operate, and innovate, the responsibility to protect them becomes more critical than ever. When you join SentinelOne, your work helps protect global enterprises, critical infrastructure, and the technologies shaping tomorrow. If you are motivated by meaningful challenges and want your impact to be real, measurable, and global, you will find purpose here.
About Us
SentinelOne is a company at the intersection of AI and security, pioneering a new operating model for cybersecurity. Our AI-native platform unifies protection across endpoint, cloud, identity, data, and AI systems to deliver autonomous detection and response with clarity and speed. By combining real-time analytics, intelligent automation, and a unified data foundation, we reduce noise, simplify complexity, and empower security teams to focus on what truly matters.
Our teams are builders, problem-solvers, and innovators committed to shaping the future of security. If you are excited to solve hard problems alongside talented, mission-driven people, we invite you to help us build a safer future for humanity.
What Are We Looking For?
We’re looking for people who are relentlessly curious and committed to continuous learning. AI is reshaping every function across our business, and we enable every team member, regardless of role or level, to build fluency in AI tools and concepts. Those who thrive here actively seek out new solutions, experiment thoughtfully, and apply what they learn to drive better, faster, smarter outcomes.
As a Sr. Staff Back-End AppSec Lead, you will be tasked with acting as a trusted advisor to customers by reviewing and validating AI-generated findings on Java and .NET back-end systems during high-stakes security engagements. Working directly with SentinelOne’s agentic code scanning pipeline to analyze vulnerabilities, apply expert human judgment, and communicate actionable results to both technical teams and executive stakeholders. Help build and scale the Wayfinder Frontier AI Services practice by refining methodologies, improving AI-assisted exposure management workflows, and collaborating with elite offensive and defensive security experts.
What Will You Do?
Primary responsibilities include:
- Lead Wayfinder Frontier AI Services customer engagements end-to-end, scope the work, deliver the technical findings, and present results to executive and technical stakeholders.
- Review and triage findings from our agentic code scanning pipeline against customer Java and .NET codebases. Validate true positives, eliminate noise, and ensure every finding that reaches the customer is a decision they can act on.
- Conduct deep code review across Java and .Net code and common frameworks.
- Present findings to stake holders, translate technical risk into business impact and map exposures into end-to-end exploitation chains.
- Author and maintain SAST rule packs that scale across the customer base, and partner with our AI/ML engineers to improve our agentic scanning engine.
- Provide expert remediation guidance to customer development teams and validate fixes through follow-up review.
- Work closely with our engineering teams to enhance our agentic code scanning pipeline, and reduce false positives.
- Mentor Senior-level AppSec engineers and dev-skilled threat hunters; raise the technical bar of the practice and shape the service line's methodology, engagement playbooks, and scoping templates.
What Skills And Knowledge Will You Bring?
Ideal candidates will have:
- 7+ years in application security or product security with a strong software development background.
- Proven track record translating complex findings into technical and executive-level debriefs. Excellent written and verbal communication is essential.
- Experience delivering customer-facing or consulting-style engagements end-to-end, comfortable in a distributed remote organization.
- Expert-level Java / Spring, you've identified and explained vulnerabilities at the framework level, not just the application level.
- Expert-level .NET Framework and ASP.NET Core, vulnerabilities and secure coding methodologies.
- Mastery of OWASP Top 10, CWE Top 25, and modern authentication infrastructure (SAML, OAuth, OIDC, JWT internals).
- Hands-on experience authoring custom static-analysis rules and queries for modern SAST engines; familiarity with AI-assisted code review workflows and validating findings produced by automated and agentic analysis pipelines.
- Strong threat modeling experience throughout the secure SDLC.
- Fluency with Git-based source control and CI/CD pipelines, including build-pipeline security controls, runner hardening, and release-gate enforcement.
- Experience with AI accelerated development / code scanning methodologies.
Why SentinelOne?
AI is redefining how the world operates and rewriting the rules of security in real time, and SentinelOne was built for this moment. From day one, we architected an AI-native platform designed to operate at machine speed, not as an add-on to legacy systems but as the foundation itself. If you want to build where innovation and impact move together, this is that place.
We invest in our Sentinels with comprehensive, competitive benefits designed to support you and your family:
Equity & Rewards
- Restricted Stock Units (RSUs)
- Employee Stock Purchase Plan (ESPP)
Time Off & Wellbeing
- Flexible time off
- Paid company holidays and paid sick time
- Gender-neutral parental leave
- Grandparent leave
Insurance & Financial Security
- Medical, dental, and vision coverage
- 401(k) retirement plan with company match
- Life and disability insurance
- Health and dependent care FSA
- Voluntary benefits (hospital, accident, critical illness)
- Employee Assistance Program (EAP)
- ARAG pre-paid legal
- Nationwide pet insurance
- Cancer Care program
- Global business travel medical insurance
Work Perks & Flexibility
- Home office allowance
- Mobile phone reimbursement
Wellness & Lifestyle
- Wellness coach
- Wellness/gym reimbursement
- Fertility coverage
- Adoption & surrogacy reimbursement
This U.S. role has a base pay range that will vary based on the location of the candidate. For some locations, a different pay range may apply. If so, this range will be provided to you during the recruiting process. You can also reach out to the recruiter with any questions.
SentinelOne is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.
SentinelOne participates in the E-Verify Program for all U.S. based roles.
Benefits
Equity Compensation
Employee Stock Purchase Plan (ESPP)
Flexible Work Hours
Flexible time off
Home Office Stipend
Home office allowance
Other Benefit
Adoption & surrogacy reimbursement
Paid Parental Leave
Gender-neutral parental leave
Paid Time Off
Paid company holidays and paid sick time
Wellness Stipend
Wellness/gym reimbursement
SentinelOne provides autonomous security solutions built on AI to protect organizations across endpoint, cloud, and identity environments. Our platform unifies threat prevention, detection, response, and forensics in a single, user-friendly system, enabling businesses to safeguard their assets against evolving cyber threats. Recognized as a leader in the industry, we cater to enterprises in various sectors, ensuring fast, effective defense against advanced attacks.
- Founded
- Founded 2013
- Employees
- 500+ employees
- Industry
- Internet Software & Services