Sr. Public Sector Compliance Specialist

Please note that under Federal & FedRAMP regulations hiring for this role is limited to US citizens only. FedRAMP Staff may be subject to customer or third-party background checks up to and including a secret clearance if required by their role at SentinelOne.

What are we looking for

SentinelOne is continuing to grow our Public Sector business and is looking for a Sr. Public Sector Compliance Specialist with experience in monitoring reviewing and ensuring the implementation and maintenance of security controls are by Federal guidelines and regulations..

What will you do

Ensure the programs security and operations are in support of SentinelOne Public Sector cybersecurity and FedRAMP program policy.

• Assist in the maintenance and oversight of security controls to ensure compliance with FedRAMP and other relevant Public Sector security frameworks.
• Conduct regular assessments and audits to verify the effectiveness of security controls.
• Work with the teams to set and meet quality standards for vulnerability management deliverables.
• Support the identification assessment and management of security risks associated with the information systems.
• Works with other SentinelOne stakeholder organizations (engineering site reliability engineering and FedRAMP product management) to maintain and support our Public Sector environments in a compliant manner.
• Create and maintain accurate and up-to-date security documentation including security plans risk assessments Plan of Actions & Milestones (POA&M) and authorization packages.
• Support the Change Control Board (CCB) by reviewing system changes for compliance implications.
• Ensures quality of all Continuous Monitoring (ConMon) deliverables and timely submission to approved repositories for FedRAMP PMO and customer review.
• Supports the execution and completion of FedRAMP annual assessments including analysis and remediation of findings support gathering/management of audit evidence and finalization of Security Package documentation such as System Security Plan (SSP) Policies/Procedures Security Assessment Plan (SAP) Risk Exposure Table (RET) and Security Assessment Report (SAR).
• Keeping abreast of changes performed on Federal systems and providing notice of changes to FedRAMP and customers via the Significant Change Request (SCR) process.
• Maintains and executes compliance related activities for public sector offerings including user onboarding/offboarding customer eligibility validation regulated package access requests and performing internal compliance audits.

Support and foster collaboration among stakeholders

• Collaborate with system administrators developers engineers product owners and other stakeholders to integrate security measures into the system development life cycle.
• Provide support during security incidents including investigation documentation and reporting.
• Identify areas of concern and provide recommendations for mitigations and/or remediation.

Continuous learning and growth

• Stay on top of new technologies and how they can be used to help enhance the overall security posture of our offerings.
• Stay current on industry best practices emerging threats and changes in security regulations.
• Continually seek out new tools that could improve the way we work.

What skills and experience should you bring

• 5 years of prior experience working as a GRC Analyst Security Compliance Analyst/Manager Compliance Specialist or in an ISSO/ISSM-equivalent role in a similar industry.
• Must have US government (i.e. FedRAMP FISMA CMMC etc) or US Public Sector compliance experience; experience supporting DoD and SLED environments is a plus.
• Strong knowledge of information security principles practices and technologies including risk management and control-based compliance.
• Experience contributing to the delivery or oversight of complex compliance programs products or platforms preferably in a cloud or hybrid environment.
• Experience implementing evaluating and assessing cybersecurity and compliance controls including frameworks such as FedRAMP NIST SP 800-53 and DISA SRGs/STIGs.
• Demonstrated ability to build and manage collaborative relationships with a diverse set of stakeholders across engineering security product and compliance teams.
• Familiarity with modern cloud technologies and architectures (e.g. AWS Azure GCP SaaS platforms).
• Must reside in the United States be a U.S. Citizen and have the ability to obtain a government clearance if required.
• Relevant certifications such as Certified Information Systems Security Professional (CISSP) Certified Information Security Manager (CISM) or Certified Information Systems Auditor (CISA) are a plus

Why us

You will be joining a cutting-edge company where you will tackle extraordinary challenges and work with the very best in the industry.

• Medical Vision Dental 401(k) Commuter Health and Dependent FSA
• Unlimited PTO
• Industry-leading gender-neutral parental leave
• Paid Company Holidays
• Paid Sick Time
• Employee stock purchase program
• Disability and life insurance
• Employee assistance program
• Gym membership reimbursement
• Cell phone reimbursement
• Numerous company-sponsored events including regular happy hours and team-building events

Required Experience:

Senior IC