Manager, InfoSec Governance, Risk & Compliance (Remote)
United States - Remote
Applications have closed
SentinelOne
SentinelOne unifies endpoint, cloud, identity and data security, enriched by our Security Data Lake for seamless and efficient cybersecurity.
About Us:
SentinelOne is defining the future of cybersecurity through our XDR platform that automatically prevents, detects, and responds to threats in real-time. Singularity XDR ingests data and leverages our patented AI models to deliver autonomous protection. With SentinelOne, organizations gain full transparency into everything happening across the network at machine speed – to defeat every attack, at every stage of the threat lifecycle.
We are a values-driven team where names are known, results are rewarded, and friendships are formed. Trust, accountability, relentlessness, ingenuity, and OneSentinel define the pillars of our collaborative and unified global culture. We're looking for people that will drive team success and collaboration across SentinelOne. If you’re enthusiastic about innovative approaches to problem-solving, we would love to speak with you about joining our team!
What We Are Looking For:
We are looking for a highly motivated, collaborative Manager, InfoSec Governance, Risk & Compliance (GRC) with a security-throughout mindset who can balance risk, business drivers and timelines. This position will be responsible for managing the Risk and Compliance team and understanding and supporting the design of SentinelOne's organizational, procedural and technological security controls within the context of the security frameworks applicable to SentinelOne. The selected employee will help implement, automate, document and maintain controls while supporting and responding to inquiries from internal and external stakeholders.
Our Team:
This is a rare opportunity to work with some of the best InfoSec minds on the internal security of a growing information security company! You’ll be working in an industry-leading high-tech cybersecurity company. Our global teams are at the front line of defense against cyberattacks, combining unmatched cybersecurity knowledge! We’re joined by one mission – but driven by the impact of that mission and what it means to protect our way of life in the digital age. Join a dynamic and fast-paced team that feels excitement at the prospect of a challenge and feels a thrill at resolving security gaps that inhibit our privacy.
What You Will Do:
- Help in evaluating relevant global standards, compliance frameworks and regulations to analyze existing controls; identify areas for improvement; and design control growth
- Participate in the internal Security and Compliance program and track recurring controls, such as SSAE 18 SOC 2, ISO 27001/27002
- Help support customer security reviews, RFPs and external security and privacy inquiries
- Help support internal/external audits and evidence collection
- Document new and update existing policies, procedures, standards and resources
- Participate in the Security Awareness program and train personnel on data security and privacy-related processes and responsibilities
- Participate in defining, collecting and tracking various Security Metrics
What Skills and Knowledge You Should Bring:
Required Qualifications:
- 10+ years of experience working in Information Security or Compliance
- 5+ years of experience managing InfoSec professionals
- Experience with, and strong understanding of, at least several of the following security compliance frameworks, controls, and best practices: COSO, SSAE 18 SOC 2, SOX ITGC, ISO 27001/27002, GDPR, NIST 800-53, PCI, HIPAA and other applicable regulatory compliance frameworks
- Experience working with Security Controls across at least some of the following domains: Access Management, Encryption, Risk Management, Network Security, Configuration Management, Patch Management, Change Management, Awareness and training, BC/DRP, etc.
- Ability to balance risk, potential impact, resourcing, business drivers, and timelines
- Ability to work closely with cross-functional stakeholders
- Ability to communicate effectively, in writing and verbally, to target audiences, including customers, partners, auditors, executive management, vendors, and peers
- Experience working with both technical and non-technical teams
- Ability and desire to understand the intent of requirements and provide effective recommendations
- Ability to prioritize in a highly dynamic work environment
Preferred Qualifications:
- Advanced degree in computer science, information technology or information security
- Relevant certifications (e.g., ISO 27001 LA/LI, CISA, CISM, CISSP, CEH, CCSK, etc.)
- Ability to assess and pragmatically define scope and relevant controls
- Strong desire to learn and continuously develop and deepen technical skills
SentinelOne is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.
SentinelOne participates in the E-Verify Program for all U.S. based roles.