Sentinellabs

Staff Supply Chain & Build-System Security Engineer

Role

Staff Supply Chain & Build-System Security Engineer

Posted

Yesterday

Salary

$156k - $200k/yearly

Job description

Our Purpose

At SentinelOne, we are driven by a clear purpose: to give the advantage to those who secure our future. As AI reshapes how organizations build, operate, and innovate, the responsibility to protect them becomes more critical than ever. When you join SentinelOne, your work helps protect global enterprises, critical infrastructure, and the technologies shaping tomorrow. If you are motivated by meaningful challenges and want your impact to be real, measurable, and global, you will find purpose here.

About Us

SentinelOne is a company at the intersection of AI and security, pioneering a new operating model for cybersecurity. Our AI-native platform unifies protection across endpoint, cloud, identity, data, and AI systems to deliver autonomous detection and response with clarity and speed. By combining real-time analytics, intelligent automation, and a unified data foundation, we reduce noise, simplify complexity, and empower security teams to focus on what truly matters.

Our teams are builders, problem-solvers, and innovators committed to shaping the future of security. If you are excited to solve hard problems alongside talented, mission-driven people, we invite you to help us build a safer future for humanity.

What Are We Looking For?

We’re looking for people who are relentlessly curious and committed to continuous learning. AI is reshaping every function across our business, and we enable every team member, regardless of role or level, to build fluency in AI tools and concepts. Those who thrive here actively seek out new solutions, experiment thoughtfully, and apply what they learn to drive better, faster, smarter outcomes.

As a Staff Supply Chain & Build-System Security Engineer, you will be the trusted advisor customers call when malicious packages hit their build, or when a self-replicating worm crosses their CI/CD trust boundary. You will work directly on top of the output of our agentic code scanning pipeline, validate supply-chain signals with human judgment, run reachability analyses, and harden the pipelines that ship our customers' code into production.

What Will You Do?

Primary responsibilities include:

  • Lead Wayfinder Frontier AI Services customer engagements focused on software supply chain risk end-to-end — scope, deliver, and present findings to customer engineering and security leadership.
  • Review and triage supply chain findings from our agentic code scanning pipeline, validate true positives, eliminate noise, prioritize by real exploitability in the customer's environment, and ensure every finding that reaches the customer is a decision they can act on.
  • Investigate malicious-package incidents: triage suspected compromise, reverse engineer obfuscated install scripts (bun_environment.js-class), identify blast radius, and build customer deliverables.
  • Build dependency graphs and reachability analyses across npm, PyPI, Maven, NuGet, Go modules, and Rust crates; document and prioritize findings.
  • Build and review SBOM and AIBOM artifacts.
  • Deliver recommendations on hardening customer CI/CD pipelines: GitHub Actions action pinning, OIDC-based credentials, Trusted Publisher migration, Harden-Runner deployment, and runner identity scoping.
  • Cover client-side supply chain risk in customer engagements.
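As an added illustration of the pipeline-hardening items listed above (action pinning, least-privilege tokens, Trusted Publishing over OIDC instead of long-lived registry tokens, and the pull_request_target checkout pattern), here is a small workflow checker. It is example code written for this page, not SentinelOne or Wayfinder tooling; the two workflow files are constructed inputs, and the commit SHAs in the hardened sample are placeholders rather than real release pins.

```python
"""Static checks for common GitHub Actions supply-chain hardening gaps.

Hypothetical example. Line-based on purpose (no PyYAML dependency) so it
runs anywhere; a production version would parse the YAML properly.
"""
import re

FULL_SHA = re.compile(r"^[0-9a-f]{40}$")
USES_LINE = re.compile(r"^\s*-?\s*uses:\s*['\"]?([^\s'\"#]+)")
# Long-lived registry credentials that Trusted Publishing (OIDC) replaces.
REGISTRY_TOKENS = ("secrets.NPM_TOKEN", "secrets.PYPI_API_TOKEN", "secrets.NUGET_API_KEY")


def check_workflow(text: str) -> list[str]:
    """Return one human-readable finding per hardening gap in a workflow file."""
    findings: list[str] = []
    top_level_permissions = False
    registry_token_used = False
    pr_target_trigger = False
    checks_out_pr_head = False

    for lineno, raw in enumerate(text.splitlines(), 1):
        code = raw.split("#", 1)[0].rstrip()   # drop YAML comments
        body = code.strip()
        if not body:
            continue

        m = USES_LINE.match(code)
        if m:
            ref = m.group(1)
            if ref.startswith(("./", "docker://")):
                pass  # local actions and image refs are not GitHub-hosted actions
            elif "@" not in ref:
                findings.append(f"line {lineno}: {ref} has no version ref; it floats to the default branch")
            else:
                action, _, version = ref.rpartition("@")
                if not FULL_SHA.match(version):
                    findings.append(f"line {lineno}: {action} pinned to mutable ref '{version}'; pin to a 40-hex commit SHA")

        if code.startswith("permissions:"):   # column 0 means workflow-level
            top_level_permissions = True
        if any(tok in body for tok in REGISTRY_TOKENS):
            registry_token_used = True
        if re.search(r"\bpull_request_target\b", body):
            pr_target_trigger = True
        if re.search(r"ref:\s*\$\{\{\s*github\.event\.pull_request\.head\.(sha|ref)", body):
            checks_out_pr_head = True

    if not top_level_permissions:
        findings.append("no top-level permissions block; set 'permissions: contents: read' and grant more per job")
    if registry_token_used:
        findings.append("publish step uses a long-lived registry token; migrate to Trusted Publishing (OIDC, id-token: write)")
    if pr_target_trigger and checks_out_pr_head:
        findings.append("pull_request_target checks out the PR head: untrusted code runs with a write token and secrets")
    return findings


# Constructed sample: floating tags, default token scope, NPM_TOKEN, pwn-request pattern.
WEAK_WORKFLOW = """\
name: publish
on:
  push:
    tags: ['v*']
  pull_request_target:
jobs:
  publish:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          ref: ${{ github.event.pull_request.head.sha }}
      - uses: actions/setup-node@main
      - run: npm ci && npm publish
        env:
          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
"""

# Constructed sample: SHA-pinned actions (placeholder SHAs), least privilege,
# OIDC id-token for Trusted Publishing, Harden-Runner in front of the job.
HARDENED_WORKFLOW = """\
name: publish
on:
  push:
    tags: ['v*']
permissions:
  contents: read
jobs:
  publish:
    runs-on: ubuntu-latest
    permissions:
      id-token: write   # OIDC token consumed by npm Trusted Publishing
      contents: read
    steps:
      - uses: step-security/harden-runner@0123456789abcdef0123456789abcdef01234567 # placeholder SHA
        with:
          egress-policy: audit
      - uses: actions/checkout@89abcdef0123456789abcdef0123456789abcdef # placeholder SHA
      - uses: actions/setup-node@fedcba9876543210fedcba9876543210fedcba98 # placeholder SHA
        with:
          node-version: 22
          registry-url: https://registry.npmjs.org
      - run: npm ci && npm publish --provenance
"""

if __name__ == "__main__":
    for finding in check_workflow(WEAK_WORKFLOW):
        print(finding)
```

The weak sample yields five findings (two mutable pins, no permissions block, a long-lived npm token, and the pull_request_target checkout); the hardened sample yields none. Replace the placeholder SHAs with the commit of the release you actually audited before using a file like this.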

What Skills And Knowledge Will You Bring?

Ideal candidates will have:

  • 7+ years in security with a strong concentration in software supply chain, build systems, or product security, plus a credible development background.
  • Proven track record translating complex findings into technical and executive-level debriefs. Excellent written and verbal communication is essential.
  • Deep fluency with npm internals: publish flow, registry mechanics, and Trusted Publisher/OIDC publishing, plus working depth across PyPI, Maven Central, and NuGet.
  • Hands-on dependency analysis and reachability-based prioritization across multiple languages.
  • Working knowledge of SBOMs, build provenance, and artifact signing, including SLSA, in-toto, and Sigstore, and how to enforce them in a real pipeline.
  • Experience hardening build environments, GitHub Actions workflows, runner isolation, and locked-down secrets handling.
  • Hands-on malicious-package triage and static reverse engineering of obfuscated JavaScript and Python.
  • Client-side supply-chain investigation experience (Magecart-class, CDN compromise, browser-bundle dependency confusion).
  • Experience with AI accelerated development / supply chain scanning methodologies.

Why SentinelOne?

AI is redefining how the world operates and rewriting the rules of security in real time, and SentinelOne was built for this moment. From day one, we architected an AI-native platform designed to operate at machine speed, not as an add-on to legacy systems but as the foundation itself. If you want to build where innovation and impact move together, this is that place.

We invest in our Sentinels with comprehensive, competitive benefits designed to support you and your family:

Equity & Rewards

  • Restricted Stock Units (RSUs)
  • Employee Stock Purchase Plan (ESPP)

Time Off & Wellbeing

  • Flexible time off
  • Paid company holidays and paid sick time
  • Gender-neutral parental leave
  • Grandparent leave

Insurance & Financial Security

  • Medical, dental, and vision coverage
  • 401(k) retirement plan with company match
  • Life and disability insurance
  • Health and dependent care FSA
  • Voluntary benefits (hospital, accident, critical illness)
  • Employee Assistance Program (EAP)
  • ARAG pre-paid legal
  • Nationwide pet insurance
  • Cancer Care program
  • Global business travel medical insurance

Work Perks & Flexibility

  • Home office allowance
  • Mobile phone reimbursement

Wellness & Lifestyle

  • Wellness coach
  • Wellness/gym reimbursement
  • Fertility coverage
  • Adoption & surrogacy reimbursement

This U.S. role has a base pay range that will vary based on the location of the candidate. For some locations, a different pay range may apply. If so, this range will be provided to you during the recruiting process. You can also reach out to the recruiter with any questions.

Base Salary Range
$156,000-$200,000 USD

SentinelOne is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.

SentinelOne participates in the E-Verify Program for all U.S. based roles.
