SentinelOne (S) is one of the most technically ambitious companies in enterprise cybersecurity. Built on an AI-native endpoint detection and response (EDR) architecture, SentinelOne has grown from a pure EDR player to a full XDR/SIEM platform through organic development and acquisitions. With roughly 2,000 employees in Bengaluru and Pune, SentinelOne India is growing fast and working on some of the most sophisticated security engineering problems in the industry: autonomous AI threat detection, cloud security posture, data ingestion at petabyte scale, and Purple AI — the company's AI security analyst capability. If you're a SentinelOne engineer in India with RSUs, you're holding stock in a high-growth, pre-profitability security company with generous equity grants and meaningful execution risk. This guide covers all of it.
SentinelOne in India: Offices, Cities & Scale
SentinelOne's Bengaluru office is the largest India site with approximately 1,500 employees. The Bengaluru team is embedded in the company's core product engineering — Singularity platform development (the EDR/XDR core), Purple AI engineering (the AI-driven security analyst capability), cloud security research, and threat intelligence engineering. SentinelOne's Bengaluru presence is newer than peers like Cloudflare or Cadence — the company was founded in 2013 and India operations scaled up significantly post-IPO (June 2021).
Pune hosts roughly 500 employees covering data engineering, SIEM ingestion pipeline development, and customer success engineering. SentinelOne's data platform (the backend that ingests, processes, and queries security telemetry at scale) is a critical engineering challenge, and the Pune team plays a significant role in this infrastructure.
SentinelOne's headcount growth in India has been strong but has also followed the company's broader pattern of disciplined growth investment — the company has been managing its cash burn rate carefully as it works toward profitability. India hiring in 2024–2026 has been more selective than in the 2021–2022 period, focusing on senior engineers in AI security and cloud security rather than broad engineering headcount expansion.
- →Bengaluru (~1,500): Singularity EDR/XDR, Purple AI, cloud security research, threat intelligence
- →Pune (~500): SIEM data ingestion, data platform engineering, customer success
- →India hiring has been selective post-2022 — focus on senior AI security and cloud security engineers
- →Company still pre-GAAP profitability — managing cash burn while growing ARR creates specific risk profile
- →India presence scaled primarily post-IPO (June 2021) — most India employees have post-IPO equity
Department Mix: AI Security Engineering at the Core
SentinelOne India is predominantly engineering, with approximately 75–80% of India headcount in software engineering, AI/ML research, data engineering, and security research roles. The company has made a strategic bet on AI-native security — using machine learning to detect threats autonomously rather than relying on signature-based detection. This bet requires serious AI/ML talent, and SentinelOne Bengaluru competes with Google, Microsoft, and AI startups for machine learning engineers.
The Purple AI team is SentinelOne's most strategically important product group in India. Purple AI is an AI security analyst that can answer natural-language security questions ("Show me all login events from unknown devices in the last 30 days"), generate threat hunt queries, and summarise security incidents. Engineers on this team receive the company's most competitive equity packages and have the highest external market value.
The threat intelligence team in Bengaluru does original security research — discovering and publishing new attack techniques, reverse-engineering malware, and tracking threat actor TTPs. This is specialised work that requires deep technical expertise and receives strong equity grants. Sales and customer success in India (roughly 15–20% of headcount) support India and APAC enterprise accounts and receive mid-range equity packages. Operations and support make up the remainder.
- →~75–80% engineering; AI/ML, security research, data platform are the highest-equity roles
- →Purple AI team (AI security analyst) is highest equity priority — competes with Google and OpenAI for AI talent
- →Threat intelligence team (security research) receives strong grants for rare specialised expertise
- →Sales/customer success (~15–20%) receive mid-range equity packages
Who Gets RSUs: Levels & Grant Amounts
SentinelOne uses a Software Engineer leveling scale (SWE1 through SWE6). RSU grants become meaningful at SWE2 (roughly 2–4 years of experience). SentinelOne is known for generous equity grants relative to its size — the company views equity as a primary recruitment and retention tool in a competitive market.
At SWE2, initial grants are typically $40,000–$75,000 over four years. Senior Software Engineer (SWE3) grants are $75,000–$140,000. Staff Engineer (SWE4) initial grants are $140,000–$250,000. Principal Engineer (SWE5) and above can receive $250,000+. These are above-market for a company at SentinelOne's revenue scale (~$800M ARR), reflecting the competitive pressure from Google Cloud Security, Microsoft Defender, and CrowdStrike for the same engineering talent.
SentinelOne also provides annual refresh grants for strong performers. The company's equity compensation philosophy is explicitly aggressive — internal equity teams track competing offers and aim to match or beat them. One important nuance: because SentinelOne has been loss-making on a GAAP basis, the stock has been more volatile than profitable peers. Grant-date values in 2021 (when S stock reached $70+) and current vest values (at a significantly lower price) can differ substantially — the perquisite tax is always on vest-date FMV.
- →SWE2: $40,000–$75,000 over 4 years; SWE3: $75,000–$140,000; SWE4: $140,000–$250,000
- →SWE5+ (Principal): $250,000+ — above-market for SentinelOne's revenue stage
- →Equity philosophy is explicitly aggressive — internal teams track competing offers and match them
- →2021 grants at $70+ per share; current vest values at significantly lower prices — plan tax conservatively
Understanding Your SentinelOne Vest Schedule
SentinelOne RSUs vest quarterly over 4 years with a 1-year cliff. Standard structure: 25% at the 12-month anniversary, then 6.25% per quarter for 36 months. For an SWE3 with a $100,000 initial grant, the cliff vest at month 12 is $25,000 in S shares. Subsequent quarterly vests are $6,250 at grant-date price.
S stock volatility is high — the stock has traded from $70 (2021 peak) to below $15 (2023 trough) and has recovered toward $20–30 by 2025–2026. This means for engineers who received grants in 2021–2022 at high grant prices, their actual quarterly vest values have been significantly below the grant-date implied value. This is not unusual for growth-stage security companies, but it means financial planning should use conservative (current price-based) estimates rather than grant-date values.
SentinelOne provides refresh grants annually for strong performers, typically granted in the company's Q1 (February for SentinelOne's January fiscal year end). Engineers who are strong performers have accumulated overlapping tranches and see meaningful quarterly vests from multiple concurrent grant schedules. When evaluating whether to accept a competing offer, model all tranches in your E*TRADE account — not just the initial grant — to get an accurate picture of your total unvested equity value.
SentinelOne's stock traded below its IPO price for extended periods in 2022–2023. Engineers who received $100,000 grants in 2021 at $65/share saw quarterly vests worth $4,000–5,000 when the stock was at $15. The perquisite tax was calculated on the actual (lower) vest-date FMV, not the grant-date implied value — so the tax bill was proportionally lower. Always use vest-date FMV for tax planning, never grant-date value.
- →1-year cliff, quarterly vest for 36 months thereafter — standard structure
- →S stock volatility is extreme — plan using current price, not grant-date price, for financial projections
- →Annual refreshes for strong performers — build a tranche inventory in E*TRADE for accurate unvested valuation
- →January fiscal year end — refresh grants typically issued in February
The Tax Reality for SentinelOne RSU Holders
The standard Indian perquisite tax framework applies. At each quarterly vest, SentinelOne shares' closing NYSE price converted to INR at SBI TT buying rate is added to salary as perquisite income. SentinelOne India deducts TDS via sell-to-cover. The net shares are deposited in your E*TRADE account post-TDS.
For SentinelOne employees, the quarterly vest income adds to salary in 4 lumps per year. Because S stock has been volatile, the total annual perquisite income from RSU vests can vary significantly year-to-year. In a strong stock year, four quarterly vests might add ₹8–15 lakh to income; in a weak stock year, the same share count might add ₹3–6 lakh. This variability makes advance tax planning at SentinelOne more complex than at stable-stock peers — the safest approach is to calculate advance tax based on the most recent quarterly vest run-rate, then adjust at each instalment if the stock has moved significantly.
Capital gains: cost basis is vest-date FMV. LTCG (24+ months from vest): 12.5% without indexation. STCG (<24 months): 30%. Given S's history of multi-year recovery cycles (from peak to trough and back can take 3+ years), the LTCG window holds real potential for appreciation-plus-tax-efficiency for patient holders. Schedule FA is mandatory. Advance tax quarterly instalments should be calibrated to the most recent vest event's value, not an annual average.
Most-missed mistake at SentinelOne India: calculating advance tax in June based on the year's projected salary income, then receiving a large Q3 vest when S stock surged, and underpaying September advance tax as a result. Pay advance tax within 15 days of each quarterly vest event to ensure your instalments stay current and avoid Section 234C interest.
- →Quarterly vest adds income in 4 lumps per year; advance tax each instalment should reflect latest vest value
- →S stock volatility creates year-to-year perquisite income swings — conservative planning essential
- →LTCG (24+ months): 12.5%; STCG (<24 months): 30%; Schedule FA mandatory
- →Recovery cycles at SentinelOne can take 2–3 years — 24-month LTCG window is achievable for patient holders
What SentinelOne Employees Typically Do
SentinelOne India employees are generally young (the company is only 10 years old), technically sophisticated, and equity-aware. Many joined specifically because of the equity upside narrative — the company's IPO story was compelling and the growth metrics were strong. This creates higher-than-average financial engagement with RSU management compared to employees at older, mature companies.
The dominant pattern for engineers who joined in 2021–2022 is frustrated patience. They received grants at high implied values, watched the stock decline, and are now waiting for recovery while continuing to vest. Some have adopted a systematic sell-at-vest discipline after watching friends hold through the downturn; others continue to hold hoping for full recovery. The recovery-waiting pattern is the most financially risky.
Engineers who joined in 2023–2024 at lower base prices are in a better financial position and show more rational equity behaviour. They're benefiting from quarterly vests at prices above their grant-date price (or at breakeven) and are more likely to sell portions systematically rather than hold for a full recovery narrative. The Bengaluru AI/security research community also has a strong professional network on LinkedIn, which means SentinelOne engineers are more aware of what competing companies are offering.
- →2021–2022 cohort: frustrated patience, recovery-waiting pattern — hold-until-ATH is the main trap
- →2023–2024 cohort: better financial position, more rational sell-partial-at-vest behaviour
- →Young, equity-aware engineers — higher financial engagement than at mature software companies
- →Strong LinkedIn network awareness of competing offers keeps SentinelOne equity competitive
The Smart Approach to SentinelOne RSUs
SentinelOne's high volatility and growth-stage risk profile call for disciplined diversification. The recommended framework: sell 65% of each quarterly vest immediately. Hold 35% toward the 24-month LTCG window if you have conviction in SentinelOne's AI security thesis. Do not let the previous high price of S influence your hold/sell decision — evaluate the stock on its current forward multiple versus growth rate.
For recovery-waiters from the 2021–2022 cohort: if you have been holding vested shares for more than 24 months (and many of you have, given 2021 vests are now 4+ years ago), you may already be LTCG-eligible on old tranches. Check your E*TRADE account, identify the vest dates of your oldest lots, and sell the LTCG-eligible lots systematically to reduce concentration. The recovery you're waiting for may or may not materialise on your timeline — but the LTCG benefit is available now.
For all SentinelOne India employees: Purple AI and the broader AI-native security thesis is a real and growing market. There is a reasonable investment thesis for holding some S. But there is no reasonable portfolio management thesis for holding 40–60% of your liquid net worth in a single pre-profitability, high-volatility security company. Use Rovia for quarterly repatriation at 0% markup, and invest diversified proceeds in US equity index funds and Indian instruments.
- →Sell 65% of each quarterly vest immediately; hold 35% toward 24-month LTCG date
- →2021–2022 cohort: check E*TRADE for LTCG-eligible lots (vest date 24+ months ago) and sell those first
- →Evaluate S on forward P/S vs growth rate — not on distance from 2021 ATH
- →Quarterly repatriation at Rovia 0% markup; invest in diversified US index + Indian instruments
- →Track every vest tranche's 24-month LTCG date in a simple calendar
- →Model full unvested equity value (all tranches) before considering any job change
Concentration Risk: SentinelOne-Specific Scenarios
SentinelOne's concentration risk is among the highest on this list. The company is loss-making, high-valuation, competing against Microsoft and CrowdStrike, and has demonstrated extreme stock volatility. The combination of these factors means that concentrated S exposure above 15% of portfolio is genuinely high-risk.
CrowdStrike's "Falcon Everywhere" strategy (bundling EDR, cloud security, identity protection, and SIEM into a single platform) directly overlaps with SentinelOne's product roadmap. Microsoft's Defender for Endpoint and Sentinel SIEM are included in M365 E5 licensing, which enterprises may already be paying for. The competitive threat is not theoretical — SentinelOne's win rate against CrowdStrike and Microsoft Defender in enterprise deals is a real operational metric that investors track closely.
A realistic downside scenario: S's revenue growth decelerates from 30% to 18%, operating losses don't improve as expected, and the P/S multiple compresses from 10x to 6x. That's a 40% stock decline on growth deceleration alone. For an SWE3 in Bengaluru with $80,000 in vested S stock, that's a ₹27 lakh real loss. Combined with unvested stock and the implicit career exposure, the total SentinelOne financial exposure for a mid-tenure employee can easily exceed ₹1.5 crore.
SentinelOne is building genuinely important technology in a genuinely growing market. But "good company" and "good concentrated stock position" are not the same thing. Keep S below 15% of your total portfolio and treat every dollar above that threshold as a risk management problem, not a conviction trade.
- →S traded from $70 (2021) to below $15 (2023) — an 80% peak-to-trough is in its history
- →Microsoft (Defender + Sentinel) and CrowdStrike (Falcon) are well-capitalised direct competitors
- →40% correction on growth deceleration on $80,000 holding = ₹27 lakh real loss
- →Pre-profitability status means any macro tightening accelerates path-to-profitability pressure on the stock
Getting Money Home: FX & Repatriation
SentinelOne's equity plan is administered through E*TRADE (Morgan Stanley at Work). Quarterly vest sales proceed through the standard E*TRADE platform. USD proceeds settle T+2 and are available for wire transfer to India under LRS ($250,000 per financial year limit).
Because SentinelOne vests quarterly, you have 4 repatriation opportunities per year. The recommended cadence is quarterly — repatriate within 2 weeks of each vest event. This keeps your USD exposure in India's FX pipeline manageable and avoids the year-end scramble of a large single annual transfer. For transfers above $25,000 (common for SWE3+ at current S prices and grant levels), 15CA certificates are required from your CA. For amounts above ₹5 lakh INR equivalent, 15CB may also be required.
SBI's TT rate for USD-INR conversion carries a 1.5–2.5% spread above the interbank mid-rate. On a $10,000 quarterly repatriation, that's ₹12,500–21,000 in unnecessary conversion cost per quarter — or ₹50,000–84,000 per year. Over a 4-year employment at SentinelOne, the compounding of that FX inefficiency is meaningful. Use Rovia's 0% markup service for each quarterly transfer.
- →E*TRADE (Morgan Stanley at Work) is SentinelOne's equity platform
- →Quarterly repatriation cadence recommended — aligns with vest schedule, avoids large year-end transfers
- →Annual FX savings using Rovia vs SBI TT rate: ₹50,000–84,000 for SWE3+ quarterly transfers
- →15CA required for transfers above $25,000; 15CB may be required above ₹5 lakh — build 3–5 day CA lead time
Stock Sentiment at SentinelOne India
Sentiment at SentinelOne India in mid-2026 is bifurcated — enthusiastic about the technology, measured about the stock. Purple AI has generated genuine internal excitement: the ability to ask natural-language questions of your security telemetry and get actionable answers is a real capability leap, and engineers working on it feel like they're building something meaningful. The AI-native security thesis is resonant in a way that pure EDR was not.
The stock performance since IPO has been a mixed experience. Engineers who joined in 2021–2022 have largely made peace with the gap between grant-date implied values and actual vest values. The culture at SentinelOne Bengaluru is mission-driven enough that most engineers stay because of the work, not primarily because of the equity. This is a positive sign for product quality but can also mean financial passivity about equity management.
Competition anxiety surfaces regularly in internal forums, particularly around CrowdStrike's Falcon platform bundling and Microsoft's Defender integration with Azure Sentinel. The internal response is confidence in SentinelOne's AI differentiation — the argument being that CrowdStrike's detection relies on human-written rules while SentinelOne's AI model runs autonomously. Whether this differentiation holds in enterprise procurement decisions is the key question engineers and investors alike are watching in 2026.
- →Purple AI is a genuine morale and excitement driver — natural-language security queries are a real product advance
- →Stock experience has been mixed since IPO; most 2021–2022 cohort has made peace with below-grant-price vests
- →Culture is mission-driven (fighting cyber threats), not primarily equity-driven — financial passivity is a side effect
- →CrowdStrike bundling and Microsoft Defender integration are the primary competitive anxieties in internal forums
This guide is for informational purposes only and does not constitute financial, tax, or investment advice. Figures are estimates based on publicly available information. Always verify with a SEBI-registered financial advisor and a CA familiar with foreign asset taxation.