About Us:

SentinelOne was formed by an elite team of cyber security and defense experts from IBM, Intel, Check Point, Cylance, McAfee, and Palo Alto Networks. SentinelOne is shaping the future of endpoint security through its unified, converged platform that automatically prevents, detects, and responds to threats in real-time. Our unique approach is based on deep inspection of all system processes combined with innovative machine learning to quickly isolate malicious behaviours, protecting devices against advanced, targeted threats in real time. 

Our company is built upon a foundation of team-players with innovative problem solving skills. We operate with the utmost integrity to represent the SentinelOne brand and support the 'good' within the cyber community. As we enter our next phase of hyper-growth, we're looking for people that will go the extra mile and join in our passion for building a bigger and better SentinelOne.  If you are enthusiastic about cybersecurity and have a growth mentality, we would love to speak with you about joining our team!

The Team:

This is a rare opportunity to work with some of the best infosec minds on the internal security of a growing information security company! You’ll be working in an industry leading high-tech cybersecurity company. Our global teams are at the front line of defense against cyberattacks, combining unmatched cyber security knowledge! We’re joined by one mission – but driven by the impact of that mission and what it means to protect our way of life in the digital age. Join a dynamic and fast-paced team that feels excitement at the prospect of a challenge and feels a thrill at resolving security gaps that inhibit our privacy.

What are we looking for?

We are looking for a highly motivated, collaborative and experienced Infosec VRA Program Manager  a security throughout mindset who can balance risk, business drivers and timelines. This position will be responsible for understanding and supporting the design of SentinelOne's organizational, procedural and technological security controls within the context of the security frameworks applicable to SentinelOne.  The selected employee will help implement, automate, document and maintain controls while supporting and responding to inquiries from internal and external stakeholders. 

What will you do? 

• Participate in internal security and compliance program and track recurring controls, such as SSAE 18 SOC 2, ISO 27001/27002
• Represent the infosec Vendor Risk management team  in the negotiation of information security contracts with external third parties/vendors
• Work with legal team in developing and reviewing vendor security contract templates
• Develop security questionnaires (e.g. SIG) tailored to vendor’s risk tiers
• Review and manage  responses from external parties, receiving and responding to supporting artifacts
• Review and assess audit reports (e.g. SOC 2) and other reports (e.g. system audit logs, pen tests)
• Develop risk mitigation plans for vendors and evaluate security risk tiering/prioritization 
• Provide risk remediation recommendations that the business and technology may implement to mitigate identified control gaps

 What skills and knowledge you should bring?

• 4+ years of experience working in information security or compliance
• Working experience with ISO 27001, SSAE 16/18 SOC 2, SOX ITGC
• Experience working with Security Controls across at least some of the following domains: Access Management, Encryption, Risk Management, Network Security, Configuration Management, Patch Management, Change Management, Awareness & training, BC/DRP, etc.
• Ability to balance risk, potential impact, resourcing, business drivers, and timelines
• Ability to work closely with cross-functional stakeholders
• Ability to communicate effectively, in writing and verbally, to target audiences, including customers, partners, auditors, executive management, vendors, and peers
• Experience working with both technical and non-technical teams
• Ability and desire to understand the intent of requirements and provide effective recommendations
• Ability to prioritize in a highly dynamic work environment 

Preferred Qualifications:

• Advanced degree in computer science, information technology or Information security
• Experience with, and strong understanding of, at least several of the following security compliance frameworks, controls, and best practices: COSO, SOC 2, SOX ITGC, ISO 27001/27002, GDPR, NIST and other applicable regulatory compliance frameworks 
• Relevant certifications (e.g., ISO 27001 LA/LI, CISA, CISM, CISSP, CEH, CCSK, etc.)
•  Ability to assess and pragmatically define scope and relevant controls
• Strong desire to learn and continuously develop and deepen technical skills

Why us?

You will work on real-world problems and make an impact by protecting our customers from cyber threats. You will be joining a cutting-edge project and will be able to influence the architecture, design, and structure of our core platform. You will tackle extraordinary challenges and work with the very BEST in the industry.

• Medical, Vision, Dental, 401(k), Commuter, Health and Dependent FSA
• Unlimited PTO
• Paid Company Holidays
• Paid Sick Time
• Gym membership reimbursement
• Cell phone reimbursement
• Numerous company-sponsored events including regular happy hours and team building events

SentinelOne is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.