What are we looking for?

We are looking for a detail-oriented and proactive Senior Security Engineer with a background in Security and a good understanding of DevOps/SRE principles. The ideal candidate will possess excellent communication skills and a passion for securing SentinelOne’s cloud services and offerings.

What will you do?

• Assist in the implementation and maintenance of our cloud security architecture, policies, and automation
• Help drive the development and execution of advanced cloud security solutions within existing security architecture frameworks, including credential management, access provisioning, authentication and authorization, data security, network security, application security, infrastructure security, security monitoring, and operational security
• Perform day-to-day security tasks within AWS, GCP, and other cloud environments, including managing firewalls, organizational policies, reviewing logs, and modifying IAM to ensure cloud security
• Develop and implement tools and scripts to automatically detect and remediate known security issues and support other security automation needs
• Promote and enforce cloud security hygiene conforming to existing internal security policies and external compliance standards such as SOC II
• Summarize cloud security risks to InfoSec stakeholders, including the identification and implementation of solutions to reduce our cloud security risk and exposure
• Contribute to security awareness initiatives across the organization by encouraging security culture and implementing best practices through developing and facilitating internal training materials
• Keep up with a high-performance culture by automating infrastructure provisioning, deployments, and management processes using Infrastructure as Code (IaC) tools such as Terraform, CloudFormation, and Helm
• Create and maintain secure CI/CD pipelines for the seamless deployment and delivery of applications and services using tools such as Jenkins and GitHub Actions
• Deploy, and maintain secure Kubernetes clusters for containerized security applications and microservices
• Stay up-to-date on the latest cloud security threats, changes to cloud offerings, and cutting-edge tools to proactively counter evolving dangers
• Collaborate effectively with the broader InfoSec team and Engineering groups to build the future of SentinelOne's cloud security
• Communicate effectively with management and peers by creating and tracking Key Performance Indicators (KPIs) or Objectives and Key Results (OKRs) related to cloud security initiatives

What skills and knowledge should you bring?

• 5+ years of experience supporting a cloud-based SaaS application in an InfoSec or operational capacity (SRE, DevOps, Security Engineering), with a strong focus on security duties.
• 3+ years of hands-on experience working with one of the main cloud providers (AWS, GCP, or Azure)
• Strong knowledge of cloud basics in areas such as Compute, IAM, VPC, Networking, Firewalls, and an understanding of native cloud security tools (e.g., AWS GuardDuty, CloudTrail, Shield; GCP Secret Manager, Cloud Audit Logs)
• Demonstrated experience implementing scalable and secure cloud networks in multi-region environments
• In-depth understanding and practical experience with Infrastructure as Code (IaC) industry best practices and their implementation, utilizing tools such as Terraform, Pulumi, CloudFormation, and Helm
• Proficiency in one or more programming or scripting languages, such as Python, for automation and tool development
• Extensive knowledge of cloud deployment pipelines and applied experience with Agile Software Development Life Cycle practices
• Practical knowledge of validating environments against security and compliance controls, including report assembly, evidence gathering, diagram creation, and assistance with the audit process

Preferred Qualifications

• Experience with containers and microservices, specifically Kubernetes, EKS, GKE, or ECS
• Exposure to or experience with Serverless technologies like Lambda, Cloud Functions, or Cloud Run
• Relevant industry certifications such as AWS Certified Solutions Architect, AWS Certified SysOps, AWS Certified Advanced Networking Specialty, AWS Certified Security Specialty, Azure AZ-500, Google Professional Cloud Security Engineer, CISSP, CNCF CKA, and/or CKS
• Experience operating under regulatory frameworks such as SOC II, and/or ISO 27001

Why us?

You will work on real-world problems and make an impact by protecting our customers from cyber threats. You will be joining a cutting-edge project and will be able to influence the architecture, design, and structure of our core platform. You will tackle extraordinary challenges and work with the very BEST in the industry.

• Flexible working hours, In Prague & nearby we're working in a hybrid model with offices in Karlin (brand new Missouri Park), remotely in the rest of CZ or SK, with optional Brno offices (Clubco Vlněna) for those who like to meet
• Generous employee stock plan in the form of grant of RSUs (restricted stock units) not options; 4 years vesting with 1-year cliff and then quarterly
• Yearly bonus depending on the performance of the company, paid out in 2 installments
• Flexible Time Off (on top of the standard 5 weeks of vacation)
• Flexible Paid Sick Days
• Fully Paid Short Term Sick/Short Term Nursing Leave
• Global gender-neutral Parental Leave (16 weeks, beyond the leave provided by the local laws) & Grandparent Leave
• Volunteering paid day off & Additional paid Company holidays off (e.g. 4 days in 2022)
• Pension insurance contribution
• Premium Life Insurance covered by S1
• Monthly Meal & Wellbeing Allowance
• Private medical care membership for your and your +1
• Global Employee Assistance Program (confidential counseling related to both personal and work life matters), Wellness Coach:Mind Body Sleep app company access (sessions, audiobooks, classes, private coaching etc.)
• High-end MacBook or Windows laptop, Home-office-setup gear & on top of that additional WFH Allowance
• Udemy Business platform for Hard/Soft skills Training, internal mentoring 'MentorOne' & Support for your further educational activities/trainings
• Above-standard referral bonus
• On top of RSUs, you can benefit also from our attractive ESPP (employee stock purchase plan)
• Refreshments and snacks at the offices
• Optional company events for those who like to meet outside of work too (sport, BBQ, charity etc.)