Sr. Public Sector Compliance Specialist

Please note that under Federal & FedRAMP regulations, hiring for this role is limited to US citizens only. FedRAMP Staff may be subject to customer or third-party background checks, up to and including a secret clearance, if required by their role at SentinelOne. 

What are we looking for?

SentinelOne is continuing to grow our Public Sector business and is looking for a Sr. Public Sector Compliance Specialist with experience in monitoring, reviewing, and ensuring the implementation and maintenance of security controls are by Federal guidelines and regulations.. 

What will you do?

Ensure the program’s security and operations are in support of SentinelOne, Public Sector cybersecurity, and FedRAMP program policy.

• Assist in the maintenance and oversight of security controls to ensure compliance with FedRAMP and other relevant Public Sector security frameworks.
• Conduct regular assessments and audits to verify the effectiveness of security controls.
• Work with the teams to set and meet quality standards for vulnerability management deliverables.
• Support the identification, assessment, and management of security risks associated with the information systems.
• Works with other SentinelOne stakeholder organizations (engineering, site reliability engineering, and FedRAMP product management) to maintain and support our Public Sector environments in a compliant manner.
• Create and maintain accurate and up-to-date security documentation, including security plans, risk assessments, Plan of Actions & Milestones (POA&M), and authorization packages.
• Support the Change Control Board (CCB) by reviewing system changes for compliance implications.
• Ensures quality of all Continuous Monitoring (ConMon) deliverables and timely submission to approved repositories for FedRAMP PMO and customer review.
• Supports the execution and completion of FedRAMP annual assessments, including analysis and remediation of findings, support gathering/management of audit evidence, and finalization of Security Package documentation such as System Security Plan (SSP), Policies/Procedures, Security Assessment Plan (SAP), Risk Exposure Table (RET), and Security Assessment Report (SAR).
• Keeping abreast of changes performed on Federal systems and providing notice of changes to FedRAMP and customers via the Significant Change Request (SCR) process.
• Maintains and executes compliance related activities for public sector offerings, including user onboarding/offboarding, customer eligibility validation, regulated package access requests, and performing internal compliance audits.

Support and foster collaboration among stakeholders

• Collaborate with system administrators, developers, engineers, product owners, and other stakeholders to integrate security measures into the system development life cycle.
• Provide support during security incidents, including investigation, documentation, and reporting.
• Identify areas of concern and provide recommendations for mitigations and/or remediation. 

 Continuous learning and growth

• Stay on top of new technologies and how they can be used to help enhance the overall security posture of our offerings.
• Stay current on industry best practices, emerging threats, and changes in security regulations.
• Continually seek out new tools that could improve the way we work.

What skills and experience should you bring?

• 5+ years of prior experience working as a GRC Analyst, Security Compliance Analyst/Manager, Compliance Specialist, or in an ISSO/ISSM-equivalent role in a similar industry.
• Must have US government (i.e. FedRAMP, FISMA, CMMC, etc) or US Public Sector compliance experience; experience supporting DoD and SLED environments is a plus.
• Strong knowledge of information security principles, practices, and technologies, including risk management and control-based compliance.
• Experience contributing to the delivery or oversight of complex compliance programs, products, or platforms, preferably in a cloud or hybrid environment.
• Experience implementing, evaluating, and assessing cybersecurity and compliance controls, including frameworks such as FedRAMP, NIST SP 800-53, and DISA SRGs/STIGs.
• Demonstrated ability to build and manage collaborative relationships with a diverse set of stakeholders across engineering, security, product, and compliance teams.
• Familiarity with modern cloud technologies and architectures (e.g., AWS, Azure, GCP, SaaS platforms).
• Must reside in the United States, be a U.S. Citizen, and have the ability to obtain a government clearance if required.
• Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified Information Systems Auditor (CISA) are a plus

Why us?

You will be joining a cutting-edge company where you will tackle extraordinary challenges and work with the very best in the industry.

• Medical, Vision, Dental, 401(k), Commuter, Health and Dependent FSA
• Unlimited PTO
• Industry-leading gender-neutral parental leave
• Paid Company Holidays
• Paid Sick Time
• Employee stock purchase program
• Disability and life insurance
• Employee assistance program
• Gym membership reimbursement
• Cell phone reimbursement
• Numerous company-sponsored events, including regular happy hours and team-building events