How often are new jobs added?

New internships are added continuously throughout the day. We monitor company career pages and hiring tools in real time, so most roles appear on InternshipsHQ shortly after they’re posted.

Why can I only view a limited number per day on the free plan?

The free plan is designed to let you explore the platform and see how fresh the listings are. Limits help us prioritize serious applicants and keep the signal high. Pro removes these limits and gives you full access.

What sources do you pull internships from?

We source internships directly from company career pages, startup hiring platforms, and applicant tracking systems like Greenhouse, Lever, Ashby, Workable, and others. This helps us surface roles earlier and avoid repost-heavy job boards.

Are these internships legitimate?

Yes. We actively filter out expired, duplicate, misleading, and low-quality listings. Each role is checked for legitimacy and posting freshness so you’re not wasting time on dead or fake opportunities.

Can I filter by location, experience level, remote, or salary?

Yes. You can filter internships by role, location, experience level, remote or hybrid status, and pay when available. Pro users get access to more advanced and saved filters.

Why are early alerts so important?

For internships, timing matters more than volume. Most callbacks happen when roles are still new and applicant pools are small. Early alerts help you apply before listings get flooded.

Do you show salary or pay information?

When companies include pay information, we display it clearly. Not all internships list salary upfront, but we prioritize transparency whenever the data is available.

Is InternshipsHQ suitable for senior or experienced roles?

InternshipsHQ is primarily built for internships, entry-level, and early-career roles. If you’re looking for senior or leadership positions, you may find limited results here.

INTERNSHIP DETAILS

Wayfinder Threat Hunting Intern

CompanySentinelOne

LocationUnited States

Work ModeRemote

PostedApril 14, 2026

Internship Information

Core Responsibilities

The intern will support senior threat hunters in designing and executing hypothesis-driven hunts across various environments to uncover advanced adversary behavior. They will also assist in triaging findings, documenting investigative methodologies, and drafting technical reports to improve detection capabilities.

Internship Type

full time

Company Size

3180

Visa Sponsorship

Language

English

Working Hours

40 hours

Apply Now →

You'll be redirected to
the company's application page

About The Company

SentinelOne is the world's leading AI-powered cybersecurity platform. The SentinelOne Singularity platform, built on the first unified Data Lake, is revolutionizing security operations, with AI, solving use cases across Endpoint Protection, SIEM, Cloud Security, Identity Threat Detection and 24x7 Managed Threat Services. SentinelOne empowers the world to run securely by creating intelligent, data-driven systems that think for themselves, stay ahead of complexity and risk, and evolve on their own. Leading organizations—including Fortune 10, Fortune 500, and Global 2000 companies, as well as prominent governments – trust SentinelOne to Secure Tomorrow™. Learn more at sentinelone.com. ----------------------------------------------------------------------------- We are recognized in leading 3rd party forums such as; - Gartner Endpoint Protection Magic Quadrant as a Leader 2021, 2022, 2023, 2024, 2025 - Gartner Peer Insights Customer Choice for Endpoint Protection - Gartner Peer Insights Customer Choice Managed Detection & Response - Gartner Peer Insights Customer Choice Cloud-Native Application Protection Platform (CNAPP) - G2 #1 Ranked Cloud Workload Protection Platform - Mitre ATT&CK 100% Detections, No Delays 2020, 2021, 2022, 2023, 2024 - Mitre Managed Services 100% Major Step Detections - Fortune Fifty 2024 - Deloitte Fast 500; 2019, 2020, 2021, 2022, 2023, 2024 - CRN Cloud & Security 100 - CRN Most Influential CEO's - CRN Top 10 Coolest GenAI Products, PurpleAI To learn more about our products and services, please visit our website at sentinelone.com to schedule a demo

About the Role

Our Purpose

At SentinelOne, we are driven by a clear purpose: to give the advantage to those who secure our future. As AI reshapes how organizations build, operate, and innovate, the responsibility to protect them becomes more critical than ever. When you join SentinelOne, your work helps protect global enterprises, critical infrastructure, and the technologies shaping tomorrow. If you are motivated by meaningful challenges and want your impact to be real, measurable, and global, you will find purpose here.

About Us

SentinelOne is a company at the intersection of AI and security, pioneering a new operating model for cybersecurity. Our AI-native platform unifies protection across endpoint, cloud, identity, data, and AI systems to deliver autonomous detection and response with clarity and speed. By combining real-time analytics, intelligent automation, and a unified data foundation, we reduce noise, simplify complexity, and empower security teams to focus on what truly matters.

Our teams are builders, problem-solvers, and innovators committed to shaping the future of security. If you are excited to solve hard problems alongside talented, mission-driven people, we invite you to help us build a safer future for humanity.

What Are We Looking For?

We’re looking for people who are relentlessly curious and committed to continuous learning. AI is reshaping every function across our business, and we enable every team member, regardless of role or level, to build fluency in AI tools and concepts. Those who thrive here actively seek out new solutions, experiment thoughtfully, and apply what they learn to drive better, faster, smarter outcomes.

As a Wayfinder Threat Hunting Intern, you will support senior threat hunters in delivering SentinelOne’s proactive threat hunting services across commercial and FedRAMP‑authorized environments. You’ll help research emerging threats, assist with building and testing hunt queries, and learn how we convert intelligence and hypotheses into high‑fidelity detections, Flash Reports, and client‑ready insights.

What Will You Do?

Primary responsibilities include:

Assist with threat hunting and hunt content:
- Help senior hunters design and refine hypotheses‑driven hunts and reusable rules aligned with the MITRE ATT&CK framework, with a strong emphasis on EDR telemetry across Windows, macOS, and Linux.
- Support execution of proactive hunts across endpoints and related telemetry to uncover living‑off‑the‑land techniques, stealthy persistence, and other advanced adversary behavior.
Support emerging threat response and periodic hunts:
- Contribute to research on emerging threats (e.g., major zero‑days or KEVs), helping senior hunters map relevant TTPs and draft focused hunt logic and validation steps.
- Assist with preparing and running Emerging Threat and hypothesis‑based campaigns across client environments using various workflows.
IOC lifecycle and Synapse operations:
- Curate and operationalize relevant IOCs/TTPs from CTI, Labs research, and OSINT into hunts and, when appropriate, convert those into platform detections.
- Support efforts to identify coverage gaps and propose additions or exclusions based on hunt results and analyst feedback.
Triage, analysis, and collaboration:
- Review batched hunt findings with related tools, assisting senior hunters with initial triage, enrichment, and classification (benign, suspicious, threat) under guidance.
- Partner with various supporting teams to share observations about hunts findings, potential tuning opportunities, and candidate rules for platform detections.
Documentation, reporting, and enablement:
- Document investigative hypotheses, methodology, and findings within internal knowledge bases and project management platforms to ensure team-wide alignment and continuous improvement.
- Assist in drafting technical summaries and reports that detail notable threats, including scope, impact, and recommended mitigations, under the mentorship of senior analysts.
- Help maintain and update team playbooks and standard operating procedures (SOPs) to reflect new findings and streamlined workflows.

What Skills and Knowledge Will You Bring?

Ideal candidates will have:

Strong written and verbal communication skills, with the ability to clearly document analysis, summarize findings, and collaborate with distributed teams across MDR, IRR, Detection Engineering, and Threat Intelligence.
Progress toward a degree in Computer Science, Cybersecurity, Information Security, or a related technical field, or equivalent practical experience.
Foundational experience with security operations concepts. For example, familiarity with EDR/XDR or SIEM tooling, basic SOC workflows, or prior lab/internship experience in threat hunting, incident response, or security analysis.
Comfort working with EDR‑style telemetry (process, file, network, and persistence data) and an interest in learning how to turn that telemetry into effective hunts and detections.
Basic proficiency with at least one scripting or query language (such as Python, PowerShell, Bash, SQL, or a log query language), and an interest in using code and queries to test hypotheses and analyze large datasets.
Exposure to MITRE ATT&CK or similar frameworks, and curiosity about adversary TTPs, campaign tracking, and how CTI (threat intelligence) is operationalized into hunts.
A growth mindset, strong attention to detail, and a willingness to work within structured processes (including FedRAMP‑aligned procedures) while still thinking creatively about new hunt ideas and improvements.

Why SentinelOne?

AI is redefining how the world operates and rewriting the rules of security in real time, and SentinelOne was built for this moment. From day one, we architected an AI-native platform designed to operate at machine speed, not as an add-on to legacy systems but as the foundation itself. If you want to build where innovation and impact move together, this is that place.

Our global internship program trains the next-generation of cybersecurity talent across a range of specializations, from threat intelligence to information security, engineering and marketing. Interns can learn about the network security industry from leading thinkers, grow their professional networks, and be part of a career-defining experience including:

1:1 mentorship
The opportunity to expand your knowledge and work on challenging projects
Training and Development opportunities
Connections to other recent grads, and employees across the company
Leadership speaker series where you can learn about other areas of the business and ask questions to the senior leadership team and industry experts
Fun events!

This U.S. role has a base pay range that will vary based on the location of the candidate. For some locations, a different pay range may apply. If so, this range will be provided to you during the recruiting process. You can also reach out to the recruiter with any questions.

Base Salary Range

$25—$25 USD

SentinelOne is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.

SentinelOne participates in the E-Verify Program for all U.S. based roles.

Key Skills

Threat huntingEDRXDRSIEMPythonPowerShellBashSQLMITRE ATT&CKCybersecurityIncident responseTelemetry analysisData analysisSecurity operationsCTITechnical documentation