Staff Professional Services Architect (AI SIEM/HA)

Please note that under Federal & FedRAMP regulations, hiring for this role is limited to US citizens only. 

FedRAMP staff may be subject to customer or third-party background checks, up to and including a secret clearance, if required by their role at SentinelOne. 

What are we looking for?

We are seeking a highly experienced and versatile Professional Services Architect with deep domain expertise in SIEM and SOAR who thrives in fast-paced, customer-facing environments. You are a technical leader who is equally comfortable in whiteboard design sessions, executive briefings, and scoping workshops. You are known for translating complex security challenges into actionable project plans, and you bring both the strategic mindset and technical depth required to help our customers succeed. You excel in cross-functional collaboration, are passionate about security innovation, and bring a consultative approach that drives trust and clarity across the customer lifecycle. 

What will you do?

As a Professional Services Architect within SentinelOne’s Professional Services organization, you will play a critical role in the successful scoping and delivery of complex, cross-platform cybersecurity product implementations, particularly in the areas of AI-powered SIEM and SOAR. This is a customer-facing, post-sales role where you will serve as a trusted advisor, working closely with sales, delivery consultants, and customer stakeholders to ensure successful outcomes and high satisfaction.

Your primary responsibilities will include:

• Scoping Engagements: Collaborate with sales, partners, and customers to define implementation plans, estimate effort, and create Statements of Work (SOW). Align services to customer needs across SentinelOne product lines, with a focus on AI SIEM and Hyperautomation/SOAR.
  
  
• Solution Design: Architect scalable, secure solutions across SentinelOne’s platform, including the design of AI SIEM data ingestion pipelines, parsing strategies, schema normalisation, and automation workflows that support end-to-end detection and response.
  
  
• AI SIEM Architecture & Normalisation: Define and validate architectural patterns for high-volume data ingestion, telemetry normalisation, parser requirements, and enrichment workflows to ensure consistent, high-fidelity data for analytics and automation.
  
  
• Collaborate with Product Management and Engineering: Partner with the AI SIEM Product team to evaluate new use cases, data models, and integration patterns, ensuring alignment between customer requirements, platform capabilities, and Professional Services delivery readiness.
  
  
• SME Leadership: Act as a cross-platform subject matter expert (SME), supporting delivery teams during complex deployments or escalations while providing technical guidance across endpoint, identity, cloud, and SIEM domains.
  
  
• Collaboration: Work closely with product teams, support engineers, TAMs, and pre-sales solution architects to ensure service offerings evolve in tandem with platform innovation and the increasing complexity of real-world deployments.
  
  
• Enablement: Contribute to internal playbooks, SOW templates, reusable scoping guides, and delivery methodology. Mentor consultants and provide enablement sessions on platform capabilities, AI SIEM best practices, and Hyperautomation frameworks.

Required Skills & Experience

5+ years in customer-facing technical consulting, solution engineering, or architecture roles

• Proven ability to scope, estimate, and structure professional services projects
• Deep experience with SIEM platforms (e.g., Splunk, SentinelOne AI SIEM, Exabeam, QRadar, etc.) and security data ingestion pipelines
• Deep experience with Endpoint Detection and Response: Experience with EDR/XDR tools.
• Familiarity with logging pipelines, normalization (e.g., ECS schemas), and integrations with third-party platforms (e.g., CrowdStrike, Okta, AWS CloudTrail)
• Proficiency in writing customer-facing SOWs
• Excellent communication skills—able to influence technical and business stakeholders alike
• Experience with modern programming languages and use of APIs to drive data ingestion  and SOAR solutions

Preferred Qualifications

• 3+ years of experience architecting Splunk data platforms, having had exposure to other SIEM solutions
• SentinelOne product knowledge or experience strongly preferred
• Security certifications such as CISSP, CCSP, AWS Certified Security – Specialty, or GCLD (GIAC Cloud Defense)
• Familiarity with log shipping agents (e.g., Fluent Bit, Vector, Beats), and SIEM enrichment strategies
• Prior experience working in or with a Professional Services organization at a cybersecurity or SaaS company
• Proficient in automating software processes, extracting data from databases, and skilled in designing and implementing automated software workflows.

What Sets You Apart:

• Bachelor’s degree in Computer Science, Engineering, or related field
• Cross-Platform Fluency: You’re not siloed—you understand how endpoint, identity, SIEM, and cloud security products interconnect and are comfortable designing solutions that span them.
• Scoping Rigor: You bring structure to ambiguity, with a disciplined approach to assessing effort, risks, and dependencies for new deployments.
• Customer Empathy: You balance business needs and technical realities, ensuring that what you scope can be delivered with excellence.
• Mentorship & Enablement: You elevate those around you, whether by helping shape delivery playbooks, training others, or acting as a technical escalation point.
• Strategic Thinking: You anticipate long-term customer needs, including operational scalability, and bake that into the design.
• Role Environment and Expectations: Your ideal environment is one where every engagement is different, every architecture pushes boundaries, and your expertise shapes not just project success, but the future of how security is delivered.

Thought leadership: You contribute to internal frameworks, methodology, and service innovation for AI SIEM and Hyperautomation.

Why us?

You will be joining a cutting-edge company, where you will tackle extraordinary challenges and work with the very best in the industry.

• Medical, Vision, Dental, 401(k), Commuter, Health and Dependent FSA
• Unlimited PTO
• Industry leading gender-neutral parental leave
• Paid Company Holidays
• Paid Sick Time
• Employee stock purchase program
• Disability and life insurance
• Employee assistance program
• Gym membership reimbursement
• Cell phone reimbursement
• Numerous company-sponsored events including regular happy hours and team building events