Senior Staff Technical Program Manager, Security Assurance

Summary

Join SentinelOne as a Technical Program Manager - Security Assurance and ensure our system meets stringent security requirements. You will lead vulnerability management, collaborate with development teams on secure software development, drive continuous improvement initiatives, and oversee security compliance. This role demands strong project management, analytical, and communication skills. You will report on security posture to stakeholders and manage multiple projects simultaneously. SentinelOne offers a competitive salary and benefits package, including unlimited PTO, parental leave, and various other perks.

Requirements

• Bachelor’s degree in cybersecurity, information technology, computer science, or a related field; advanced degree preferred
• 7+ years of progressive experience in cybersecurity, with at least 5+ years dedicated to building or supporting Vulnerability Management Programs
• 2-3 years experience supporting DevSecOps, including integrating security practices into CI/CD pipelines and development processes
• Strong knowledge of vulnerability assessment tools (e.g., Nessus, Qualys, Tenable, Metasploit)
• Familiarity with cloud security practices and platforms (e.g., AWS, Azure, Google Cloud)
• Background and experience working with security frameworks and standards (e.g., NIST, ISO 27001, OWASP, CIS Controls)
• Excellent project management skills with the ability to manage multiple projects and initiatives simultaneously
• Strong analytical, problem-solving, and communication skills, with the ability to present complex information to technical and non-technical audiences
• Hold relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or Certified Information Security Manager (CISM)

Responsibilities

• Lead the design, development, and execution of the Vulnerability Management Program, ensuring alignment with organizational security goals and compliance requirements
• Oversee the identification, assessment, and prioritization of all vulnerabilities across all environments, including cloud, on-premises, and hybrid infrastructures
• Develop and maintain processes for timely and effective vulnerability remediation, working closely with engineering and operations teams
• Monitor and report on vulnerability management metrics, providing deep security insights and recommendations to senior leadership
• Identify and assess risks associated with vulnerabilities, providing detailed analysis, correlation, categorization, and recommendations for risk mitigation
• Serve as a key point of contact for vulnerability management, working closely with stakeholders across the organization to communicate risks, progress, and remediation efforts
• Collaborate with development teams to help define and build a robust secure software development life cycle by incorporating security testing, code scanning, and vulnerability assessment results to ensure security is embedded in all parts of the development life cycle
• Identify and drive continuous improvement initiatives, to include Red Team and external penetration testing, to enhance the effectiveness and efficiency of the workflows and processes and scale with the business
• Collaborate with product teams to build Bug Bounty campaigns and hack-a-thons to help identify gaps regarding the effectiveness of our internal security and engineering practices
• Oversee that SentinelOne security hardening standards are met, monitored, and maintained
• Ensure compliance with relevant regulatory requirements and industry standards (e.g., NIST, ISO 27001, PCI-DSS) through effective security assurance practices
• Help build and define training and awareness programs and guidance to promote a security-first mindset among development, operations, and business teams
• Stay current with emerging threats, vulnerabilities, and industry trends, incorporating new tools and techniques into the security workflows and processes
• Prepare and present actionable reports on the status and trends of the security posture of the system to internal and external stakeholders
• Facilitate effective communication across teams and stakeholders regarding security updates and initiatives
• Handle business escalations with a data-driven approach to build trust with security, IT and engineering teams
• Create and manage project timelines, establish key milestones and major deliverables, ensure resource alignment, and drive teams forward

Benefits

• Medical, Vision, Dental, 401(k), Commuter, Health and Dependent FSA
• Unlimited PTO
• Industry-leading gender-neutral parental leave
• Paid Company Holidays
• Paid Sick Time
• Employee stock purchase program
• Disability and life insurance
• Employee assistance program
• Gym membership reimbursement
• Cell phone reimbursement
• Numerous company-sponsored events, including travel for conferences and team-building events