[Remote] Sr. Public Sector Compliance Specialist

🌍 Remote, USA 🚀 Full-time 🕐 Posted Recently

Job Description

Note: The job is a remote job and is open to candidates in USA. SentinelOne is a company at the intersection of AI and security, pioneering a new operating model for cybersecurity. They are seeking a Sr. Public Sector Compliance Specialist to ensure the implementation and maintenance of security controls in compliance with federal guidelines and regulations.

    Responsibilities
  • Ensure the program’s security and operations are in support of SentinelOne, Public Sector cybersecurity, and FedRAMP program policy
  • Assist in the maintenance and oversight of security controls to ensure compliance with FedRAMP and other relevant Public Sector security frameworks
  • Conduct regular assessments and audits to verify the effectiveness of security controls
  • Work with the teams to set and meet quality standards for vulnerability management deliverables
  • Support the identification, assessment, and management of security risks associated with the information systems
  • Works with other SentinelOne stakeholder organizations (engineering, site reliability engineering, and FedRAMP product management) to maintain and support our Public Sector environments in a compliant manner
  • Create and maintain accurate and up-to-date security documentation, including security plans, risk assessments, Plan of Actions & Milestones (POA&M), and authorization packages
  • Support the Change Control Board (CCB) by reviewing system changes for compliance implications
  • Ensures quality of all Continuous Monitoring (ConMon) deliverables and timely submission to approved repositories for FedRAMP PMO and customer review
  • Supports the execution and completion of FedRAMP annual assessments, including analysis and remediation of findings, support gathering/management of audit evidence, and finalization of Security Package documentation such as System Security Plan (SSP), Policies/Procedures, Security Assessment Plan (SAP), Risk Exposure Table (RET), and Security Assessment Report (SAR)
  • Keeping abreast of changes performed on Federal systems and providing notice of changes to FedRAMP and customers via the Significant Change Request (SCR) process
  • Maintains and executes compliance related activities for public sector offerings, including user onboarding/offboarding, customer eligibility validation, regulated package access requests, and performing internal compliance audits
  • Collaborate with system administrators, developers, engineers, product owners, and other stakeholders to integrate security measures into the system development life cycle
  • Provide support during security incidents, including investigation, documentation, and reporting
  • Identify areas of concern and provide recommendations for mitigations and/or remediation
  • Stay on top of new technologies and how they can be used to help enhance the overall security posture of our offerings
  • Stay current on industry best practices, emerging threats, and changes in security regulations
  • Continually seek out new tools that could improve the way we work
    Skills
  • 5+ years of prior experience working as a GRC Analyst, Security Compliance Analyst/Manager, Compliance Specialist, or in an ISSO/ISSM-equivalent role in a similar industry
  • Must have US government (i.e. FedRAMP, FISMA, CMMC, etc) or US Public Sector compliance experience
  • Strong knowledge of information security principles, practices, and technologies, including risk management and control-based compliance
  • Experience contributing to the delivery or oversight of complex compliance programs, products, or platforms, preferably in a cloud or hybrid environment
  • Experience implementing, evaluating, and assessing cybersecurity and compliance controls, including frameworks such as FedRAMP, NIST SP 800-53, and DISA SRGs/STIGs
  • Demonstrated ability to build and manage collaborative relationships with a diverse set of stakeholders across engineering, security, product, and compliance teams
  • Familiarity with modern cloud technologies and architectures (e.g., AWS, Azure, GCP, SaaS platforms)
  • Must reside in the United States, be a U.S. Citizen, and have the ability to obtain a government clearance if required
  • Experience supporting DoD and SLED environments is a plus
  • Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified Information Systems Auditor (CISA) are a plus
    Benefits
  • Medical, Vision, Dental, 401(k), Commuter, Health and Dependent FSA
  • Unlimited PTO
  • Industry-leading gender-neutral parental leave
  • Paid Company Holidays
  • Paid Sick Time
  • Employee stock purchase program
  • Disability and life insurance
  • Employee assistance program
  • Gym membership reimbursement
  • Cell phone reimbursement
  • Numerous company-sponsored events, including regular happy hours and team-building events
    Company Overview
  • SentinelOne is an autonomous cybersecurity solution company. It was founded in 2013, and is headquartered in Mountain View, California, USA, with a workforce of 1001-5000 employees. Its website is http://www.sentinelone.com.

Apply tot his job

Apply To this Job

Ready to Apply?

Don't miss out on this amazing opportunity!

🚀 Apply Now

Similar Jobs

Recent Jobs

You May Also Like