SentinelOne · 2 days ago
Senior Information Security Risk Specialist (GRC)
SentinelOne is a cutting-edge cybersecurity company focused on AI-powered innovation to combat future threats. The Senior Information Security Risk Specialist will be responsible for supporting the design and implementation of security controls, conducting risk assessments, and managing audit processes to ensure compliance and mitigate risks.
Artificial Intelligence (AI), Cyber Security, Network Security, Security
Responsibilities
Support the planning and performance of IT risk-based security audits and projects, risk assessments, execution of fieldwork and communication to stakeholders
Help in evaluating relevant global standards, compliance frameworks and regulations to analyze existing controls; identify areas for improvement; and design control growth
Collaborate with process and control owners through the audit lifecycle for process documentation updates, testing coordination, remediation of identified deficiencies and advising on internal control enhancements or process changes, as appropriate
Proactively manage audit findings, tracking and documentation of status updates obtained via action owners, and timely execution of remediation activities
Participate in internal security and compliance programs and track recurring controls, such as SSAE 18 SOC 2, ISO 27001/27002
Provide control consultative support to the business to assist in redesign efforts to improve the control environment and identify opportunities for control improvements with the objective of mitigating risk and improving compliance and operational performance
Help support internal/external audits and evidence collection via a GRC tool
Document new and update existing policies, procedures, standards and resources
Participate in Security awareness program, train personnel on data security and privacy-related processes and responsibilities
Help support customer security reviews, RFPs and external security and privacy inquiries
Participate in defining, collecting and tracking various Security Metrics
Qualification
Required
5+ years of experience working in information security, risk or compliance
Experience working with Security Controls across at least some of the following domains: Access Management, Encryption, Risk Management, Network Security, Configuration Management, Patch Management, Change Management, Awareness and Training, BC/DRP, etc
Ability to perform internal audits with minimal direct supervision, exhibit professional audit judgment and have experience in a broad range of audit projects such as SSAE 16/18 SOC 2, ISO 27001/2, NIST
Strong risk management experience, performing assessments and audits, designing controls, managing enterprise control frameworks, and prioritizing risk
Strong project management skills and ability to manage a variety of projects simultaneously to completion within the agreed timelines
Excellent collaboration and interpersonal skills. Must be able to communicate with all levels in the organization
Ability to communicate effectively, in writing and verbally, to target audiences, including customers, partners, auditors, executive management, vendors, and peers
Experience working with both technical and non-technical teams
Ability and desire to understand the intent of requirements and provide effective recommendations
Ability to prioritize in a highly dynamic work environment
Preferred
Advanced degree in Computer Science, Information Technology, Information Security or related field
Experience with, and strong understanding of, common Security Compliance frameworks, controls, and best practices such as COSO, SOC 2, SOX ITGC, ISO 27001/27002, GDPR, PCI, NIST and other applicable regulatory compliance frameworks
Relevant certifications (ISO 27001 LA/LI, CISA, CISM, CISSP, CRISC, etc.)
Ability to assess and pragmatically define scope and relevant controls
Strong desire to learn and continuously develop and deepen technical skills
Benefits
Medical, Vision, Dental, 401(k), Commuter, Health and Dependent FSA
Unlimited PTO
Industry-leading gender-neutral parental leave
Paid Company Holidays
Paid Sick Time
Employee stock purchase program
Disability and life insurance
Employee assistance program
Gym membership reimbursement
Cell phone reimbursement
Numerous company-sponsored events, including regular happy hours and team-building events
Company
SentinelOne
SentinelOne is an autonomous cybersecurity solution company.
H1B Sponsorship
SentinelOne has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. The additional information below is provided for your reference. (Data Powered by US Department of Labor)
[Chart: Distribution of Different Job Fields Receiving Sponsorship]
Trends of Total Sponsorships
2025 (13)
2024 (14)
2023 (2)
2022 (18)
2021 (5)
Funding
Current Stage: Public Company
Total Funding: $696.52M
Key Investors: Tiger Global Management, Insight Partners, Redpoint
2021-06-30: Post-IPO Equity
2021-06-30: IPO
2020-11-11: Series F · $267M
Company data provided by crunchbase