Information Security Risk Analyst II
SentinelOne - Endpoint security software that defends every endpoint against every type of attack, at every stage in the threat lifecycle
SentinelOne is defining the future of cybersecurity through our XDR platform that automatically prevents, detects, and responds to threats in real-time. Singularity XDR ingests data and leverages our patented AI models to deliver autonomous protection. With SentinelOne, organizations gain full transparency into everything happening across the network at machine speed – to defeat every attack, at every stage of the threat lifecycle.
We are a values-driven team where names are known, results are rewarded, and friendships are formed. Trust, accountability, relentlessness, ingenuity, and OneSentinel define the pillars of our collaborative and unified global culture. We're looking for people that will drive team success and collaboration across SentinelOne. If you’re enthusiastic about innovative approaches to problem-solving, we would love to speak with you about joining our team!
What Are We Looking For?
We are looking for a highly motivated, collaborative, and experienced Information Security Risk Analyst, with a “security throughout” mindset who can balance risk, business drivers, and timelines. Reporting to the Sr. Manager of Governance, Risk & Compliance, this position will be responsible for understanding and supporting the design of SentinelOne's organizational, procedural, and technological security controls within the context of security frameworks applicable to SentinelOne.
What Will You Do?
- Evaluate relevant global standards, compliance frameworks, and regulations to analyze existing controls, identify areas for improvement, and design control growth.
- Participate in information security pre-sales and post-sales support cycles.
- Maintain an up-to-date pre-sales packet - knowledge base of all security-related questions and responses.
- Work with the Legal team to review and respond to information security requirements in customer MSAs / contracts / SOWs.
- Review and respond to customer security questionnaires, RFPs / RFIs, and external security inquiries.
- Participate in internal security and compliance programs and track recurring controls, such as IRAP, SSAE 18 SOC 2, ISO 27001/27002, CSA STAR, PCI DSS.
- Configure, update, and manage the GRC platform.
- Provide assistance during internal and external audits and evidence collection.
- Participate in defining, collecting, and tracking various security metrics.
What Skills and Knowledge Should You Bring?
- 3+ years of experience working in information security or compliance.
- Working experience with ISO 27001, SSAE 16/18 SOC 2, CSA STAR, PCI DSS, and other applicable regulatory compliance frameworks.
- Experience working with security controls across at least some of the following domains: Access Management, Encryption, Risk Management, Network Security, Configuration Management, Patch Management, Change Management, Awareness and Training, BC/DRP, etc.
- Ability to communicate effectively - in writing and verbally - to target audiences, including customers, partners, auditors, executive management, vendors, and peers.
- Experience working with both technical and non-technical teams.
- Ability and desire to understand the intent of requirements, and provide effective recommendations.
- Ability to prioritize in a highly dynamic work environment.
- Bachelor’s degree in computer science, information technology or information security.
- Relevant certifications (e.g. ISO 27001 LA/LI, CISA, CISM, CISSP, CEH, CCSK).
- Ability to assess and pragmatically define scope and relevant controls.
SentinelOne is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.
SentinelOne participates in the E-Verify Program for all U.S. based roles.