Cloud Security Engineer
SentinelOne was formed by an elite team of cybersecurity and defense experts from IBM, Intel, Check Point, Cylance, McAfee, and Palo Alto Networks. SentinelOne is shaping the future of endpoint security through its unified, converged platform that automatically prevents, detects and responds to threats in real-time. Our unique approach is based on deep inspection of all system processes combined with innovative machine learning to quickly isolate malicious behaviors, protecting devices against advanced, targeted threats in real-time.
What are we looking for?
SentinelOne is looking for a seasoned AWS Cloud Security Architect. This role will help secure all of SentinelOne’s cloud provided SaaS services and infrastructure. The person in this role is critical in working with SentinelOne’s R&D team, Cloud Ops, and Dev Ops to reduce risk and to “shift left” our architecture so it is more secure by design.
A successful candidate for this position will have the ability to think outside the box and work on complex problems that span many different information security domains. They will be able to be self-motivated and comfortable working in a very high paced and evolving environment. This pace will require them to understand what problems will be real continues issued and which will evolve out the system to prioritize work.
You will work on real-world problems and make an impact by protecting our customers from cyber threats. You will be joining a cutting-edge project and will be able to influence the architecture, design, and structure of our core platform. You will tackle extraordinary challenges and work with the very BEST in the industry.
What will you do?
- Design, collaborate and help implement cloud security architectures for all of SentinelOne’s cloud services and offerings.
- Drive cloud security solution design for the security architecture framework (e.g., credential management, access provisioning, authentication and authorization, data security, network security, application security, infrastructure security, security monitoring, and operations security)
- Design and develop generic security patterns and guidelines to enable applications to stay compliant - integrate them Application and DevOps processes and CI/CD pipelines from early stages of the lifecycle
- Help implement and automate detective controls in our Cloud Environment to alert on critical security issues.
- Implement and maintain security controls that reduce risk and allows risk-based reporting on SentinelOne’s cloud security posture.
- Summarizes cloud security risks to both technical and non-technical audiences to ensure the appropriate solutions and recommendations are identified
What experience or knowledge should you bring?
- 5+ years of Cloud Security experience
- 3+ years of AWS experience
- Proven experience and desire to operate as a self-starter and be comfortable working in an ambiguous, yet fast-paced, environment.
- Experienced in designing the overall Virtual Private Cloud VPC environment including server instance, storage instances, subnets, network access controls, security groups, availability zones, etc.
- Experience designing the AWS network architecture including VPN connectivity between regions and colocations
- Ability to design and deploy AWS AMIs and build machine templates using various infrastructure as code tools
- Knowledge of designing the HA / DR strategies across various AWS services
- Experience provisioning and spinning up AWS VPCs and other core services
- Ability to architect solutions relating to security and HA for new or existing cloud architectures
- Strong technical understanding to be able to validate that an environment meets all security and compliance controls
- Experience in the following:
- SaaS, PaaS, and IaaS technologies including security architecture design and implementations
- Web Services, SOA Architecture, Application Security Firewalls, XML Firewalls, and IDS technologies
- Containers and Micro Services such as Docker and Kubermetes,
- Big Data specifically in securing data lakes
- Secure code development and review
- Experience with infrastructure automation (Cloudformation, Terraform) and configuration management tools (Ansible, Chef, Puppet, and similar)-preferred.
- AWS Services including EC2, VPC, S3, Glacier, EFS, AWS Kinesis, Lambda, Elastic Beanstalk, RDS, DynamoDB, Redshift
- AWS security implementations using IAM, KMS, Trusted Advisor, Security Groups, NACL
- Monitoring the AWS migrated applications using Cloud Trail, Cloud Watch, Config
- Nice to have: AWS Certifications AWS Certified Solutions Architect, AWS Certified Security, AWS Certified Advanced Networking, AWS Certified SysOps Administrator, CISSP
SentinelOne is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.