Security Configuration Management Engineer

Summary

Join SentinelOne's Information Security Team as a Security Configuration Management Engineer. You will help lead the next level of security work, focusing on best practices and automation in commercial and FedRAMP environments. Responsibilities include maintaining configuration baselines for various security software and hardware, understanding supply chain risks, proposing process improvements, and communicating analysis to team members and auditors. You will proactively engage with vendors and investigate configuration management problems. This role requires critical duties during crises, potentially involving extended hours and on-call work. U.S. Citizenship is required due to Federal Government contract requirements. The position offers a competitive salary and a comprehensive benefits package.

Requirements

• Bachelor's degree and/or applicable, proven experience
• 8+ years' experience in Security/IT or equivalent knowledge
• Knowledge of various security methodologies and processes, and technical security solutions (SIEM, firewall, MDM and intrusion detection systems)
• 5+ years engineering experience with IT/security SW: SIEM, MDM, etc
• Proficient in writing/developing procedures, work instructions and tickets
• Understanding of baselines, and formal change control procedures

Responsibilities

• Help lead the next level of security work at SentinelOne focusing on best practices and automation in both our commercial and FedRAMP environments
• Be responsible for maintaining the configuration baselines for the following security software (and HW)
• SentinelOne SingularityOne platform
• SIEM
• MDM (MS InTune)
• Host-based IDS/IPS
• Firewall
• Proxies
• Jumphost farms/AWS Workstations
• Servers and workstations (on-prem and in-cloud)
• AWS Golden Images
• Understanding of supply chain risks especially in OSS and hardware provisioning and tracking through strong configuration management processes
• Taking initiative in evaluating, proposing, and deploying various process improvements
• Clearly communicate and share your analysis with members of the Security Team, auditors and regulators
• Proactively engage with vendors to work through issues that arise
• Investigate, document and report on change control and configuration management problems across the organization
• Integrate and share information with SOC analysts and with both security and other department teams
• Other tasks and responsibilities as assigned

Preferred Qualifications

• Experience with audit frameworks such as SOC2, FedRAMP, ISO 27001 are a plus
• Strong desire to take existing processes and find ways to leverage automation to reduce error and speed up task completion rates

Benefits

• Medical, Vision, Dental, 401(k), Commuter, Health and Dependent FSA
• Unlimited PTO
• Industry-leading gender-neutral parental leave
• Paid company holidays
• Paid sick time
• Employee stock purchase program
• Disability and life insurance
• Employee assistance program
• Gym membership reimbursement
• Cell phone reimbursement
• Numerous company-sponsored events including regular happy hours and team-building events