Manager, Information Security Risk



Posted on Monday, August 7, 2023

About Us:

SentinelOne is defining the future of cybersecurity through our XDR platform that automatically prevents, detects, and responds to threats in real-time. Singularity XDR ingests data and leverages our patented AI models to deliver autonomous protection. With SentinelOne, organizations gain full transparency into everything happening across the network at machine speed – to defeat every attack, at every stage of the threat lifecycle.

We are a values-driven team where names are known, results are rewarded, and friendships are formed. Trust, accountability, relentlessness, ingenuity, and OneSentinel define the pillars of our collaborative and unified global culture. We're looking for people that will drive team success and collaboration across SentinelOne. If you’re enthusiastic about innovative approaches to problem-solving, we would love to speak with you about joining our team!

What are we looking for?

We are seeking an exceptional Information Security Risk professional with a security-focused mindset, who demonstrates strong motivation and collaboration. This role involves managing a team of IS risk specialists in India, guiding projects, IS audits, and risk assessments effectively. Your expertise in information security, risk management, and compliance will be instrumental in designing, implementing, and maintaining robust security controls. Your contributions will play a pivotal role in fortifying our Endpoint Security platform, solidifying our leadership in the cybersecurity industry. Embrace the opportunity to work flexibly across USA time zones, as needed, and be a driving force in our mission to safeguard businesses worldwide.

What will you do?

  • Supporting the planning and execution of IT risk-based security audits such as Australian IRAP and SSAE 18 SOC 2, conducting risk assessments, and effectively communicating findings to stakeholders.
  • Collaborating closely with process and control owners throughout the audit lifecycle, including documentation updates, evidence collection, testing coordination, remediation of identified deficiencies, and advising on internal control enhancements or process changes as necessary.
  • Providing consultative support to the business in redesign efforts to enhance the control environment and identify opportunities for control improvements to mitigate risk and improve compliance and operational performance.
  • Supporting customer security reviews, responding to RFPs, and addressing external security and privacy inquiries.
  • Leading and managing a team of Information Security Risk Specialists in their daily activities and projects.

What skills and knowledge should you bring?

  • 6+ years of experience working in information security, risk, or compliance.
  • 2+ years of proven ability to lead and manage a team of security risk professionals, providing guidance and support and fostering a collaborative work environment.
  • Strong expertise in security controls across multiple domains, such as Access Management, Encryption, Risk Management, Network Security, Configuration Management, Patch Management, Change Management, Awareness & Training, BC/DRP, etc.
  • Ability to conduct internal audits with minimal supervision and exhibit professional audit judgment, with experience in various audit projects such as SSAE 16/18 SOC 2, ISO 27001/2, NIST, Australian IRAP, etc.
  • Extensive experience in risk management, assessments, control design, enterprise control frameworks, and prioritizing risk.
  • Strong project management skills and Microsoft suite expertise, with the ability to manage multiple projects concurrently and meet agreed timelines.
  • Familiarity with common Security Compliance frameworks, controls, and best practices such as COSO, SOC 2, SOX ITGC, Australian IRAP, ISO 27001/27002, NIST, and other applicable regulatory compliance frameworks.
  • Relevant certifications such as ISO 27001 LA/LI, CISA, CISM, CISSP, CRISC, etc.

Why us?

You will be joining a cutting-edge company where you will tackle extraordinary challenges and work with the very best in the industry.

  • Health Insurance
  • Industry-leading gender-neutral parental leave
  • Paid Company Holidays
  • Paid Sick Time
  • Employee stock purchase program
  • Employee assistance program
  • Gym membership reimbursement
  • Cell phone reimbursement
  • Numerous company-sponsored events, including regular happy hours and team-building events

SentinelOne is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.

SentinelOne participates in the E-Verify Program for all U.S. based roles.