Staff DevSecOps Engineer

About Us:

SentinelOne is defining the future of cybersecurity through our XDR platform that automatically prevents, detects, and responds to threats in real-time. Singularity XDR ingests data and leverages our patented AI models to deliver autonomous protection. With SentinelOne, organizations gain full transparency into everything happening across the network at machine speed – to defeat every attack, at every stage of the threat lifecycle. 

We are a values-driven team where names are known, results are rewarded, and friendships are formed. Trust, accountability, relentlessness, ingenuity, and OneSentinel define the pillars of our collaborative and unified global culture. We're looking for people that will drive team success and collaboration across SentinelOne. If you’re enthusiastic about innovative approaches to problem-solving, we would love to speak with you about joining our team!

About the role

SentinelOne is looking for a DevSecOps Engineer to create and deploy Secure Software Development Lifecycle (SSDL) practices throughout the company. This engineer should have a background in DevOps and Application Security Assurance and expertise developing/deploying proactive security solutions. We need a highly motivated technical security expert to join SentinelOne’s InfoSec team to solve the problems of tomorrow while continuing to build and secure the foundations of today. You will work with various cutting-edge technologies to research, design, and implement defenses to secure and protect SentinelOne’s critical infrastructure and applications.

What will you do?

• Build the security strategy governing the applications and cloud-based platform infrastructure
• Collaborate with Infrastructure, DevOps, InfoSec and Application Engineers to understand the product, technology and business needs
• Define and own guidance, alerts, and security as code deployments, to provide protection from malicious traffic, vulnerabilities, and other attack vectors
• Simplify automation that applies security inter-workings with CI/CD pipelines
• Support the ability to “shift left” and incorporate security early on and throughout the development lifecycle including threat modeling and developer IDE security features.
• Architect procedures to automate security tasks which integrate into code builds and deployments
• Build security utilities and tools for internal enabling the AppSec team to operate at high speed and wide scale
• Build and maintain monitoring, auditing, and reporting frameworks that produce artifacts that support security and compliance needs
• Select new application security tools including vendor/tool assessments, and conduct full POC to prove that the security solutions/products are fit-for-purpose and fit-for-use
• Research security industry trends and best practices to share with the organization through presentations and training sessions

What skills & knowledge should you bring?

• 5+ years working in DevOps, DevSecOps, Application Security, or related field 
• Experience working with development and infrastructure teams in agile workflows, including Scrum and Kanban
• Experience with design, implementation, and rollout of DevSecOps automation and toolchain
• Experience building highly scalable, reliable internal CI/CD processes, platforms, and tools
• Understanding of containerized compute (e.g., Docker) and container orchestration (e.g., Docker Swarm, Kubernetes)
• Understanding of CloudFormation, Terraform, Ansible and Jenkins, and experience developing infrastructure as code
• Proficient securing Windows and *nix operating systems, applications, networking protocols and devices under a baseline requirement framework
• Experience with operations and security across Amazon Web Services (AWS), Microsoft Azure and Google Cloud Platform (GCP)
• Background and experience in SonarQube, Artifactory, Bamboo are desirable
• Understanding of OWASP, CVSS, the MITRE ATT&CK framework and the software development lifecycle (SDC) and how to balance the recommendations of each against business priorities
• Strong software engineering skills, a love for solving large complex problems, and ready to research, document, troubleshoot, and diagnose problems
• Passion for building tools that accelerate processes and improve engineering effectiveness
  
  

What we offer you

Salary from 5000 EUR/month.
Yearly % bonus depending on the performance of the company, paid out in 2 installments.
*The final base salary component can be increased accordingly to individual skills and experience of the selected candidate.

On top of that you may look forward to:

• Flexible working hours & Full remote within Slovakia; optional membership in Regus co-working spaces; in Czechia we also have offices in Prague or Brno
• Generous employee stock plan in the form of RSUs (restricted stock units)
• Flexible Time Off (on top of the standard 5 weeks of vacation)
• Flexible Paid Sick Days
• Fully Paid Short Term Sick/Short Term Nursing Leave
• Global gender-neutral Parental Leave (16 weeks, beyond the leave provided by the local laws) & Grandparent Leave
• Volunteering paid day off & Additional paid Company holidays and Wellness days off (e.g. 6 days in 2022)
• Pension insurance contribution
• Premium Life Insurance covered by S1
• Cafeteria points (5.000 CZK/month), which you can spend on leisure & sports, kindergarten/school fees, travel etc. 
• Private medical care membership
• Global Employee Assistance Program (confidential counseling related to both personal and work life matters)
• High-end MacBook or Windows laptop, Home-office-setup gear & on top of that additional WFH Allowance
• Udemy Business platform for Hard/Soft skills Training & Support for your further educational activities/trainings
• Above-standard referral bonus
• Yearly bonus depending on the performance of the company
• On top of RSUs, you can benefit also from our attractive ESPP (employee stock purchase plan)
• Refreshments & snacks at the offices
• Optional company events for those who like to meet outside of work too (sport, BBQ, charity, offsite etc.)

SentinelOne is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.

SentinelOne participates in the E-Verify Program for all U.S. based roles.