Senior Staff Technical Program Manager, Security Assurance

United States - Remote

About Us:

SentinelOne is defining the future of cybersecurity through our XDR platform that automatically prevents, detects, and responds to threats in real-time. Singularity XDR ingests data and leverages our patented AI models to deliver autonomous protection. With SentinelOne, organizations gain full transparency into everything happening across the network at machine speed – to defeat every attack, at every stage of the threat lifecycle. 

We are a values-driven team where names are known, results are rewarded, and friendships are formed. Trust, accountability, relentlessness, ingenuity, and OneSentinel define the pillars of our collaborative and unified global culture. We're looking for people that will drive team success and collaboration across SentinelOne. If you’re enthusiastic about innovative approaches to problem-solving, we would love to speak with you about joining our team!

What are we looking for?

The goal of the Technical Program Manager - Security Assurance is to ensure that the SentinelOne system meets its security requirements and is resilient against security vulnerabilities through the implementation and management of security hardening, testing, and vulnerability management. These activities include defining security goals/metrics, driving the vulnerability management program, rebuilding processes to scale with the business, assisting in analyzing threats, supporting penetration testing and security audits, and providing recommendations and mitigation plans.

What will you do? 

  • Vulnerability Management
    • Lead the design, development, and execution of the Vulnerability Management Program, ensuring alignment with organizational security goals and compliance requirements.
    • Oversee the identification, assessment, and prioritization of all vulnerabilities across all environments, including cloud, on-premises, and hybrid infrastructures.
    • Develop and maintain processes for timely and effective vulnerability remediation, working closely with engineering and operations teams.
    • Monitor and report on vulnerability management metrics, providing deep security insights and recommendations to senior leadership.
    • Identify and assess risks associated with vulnerabilities, providing detailed analysis, correlation, categorization, and recommendations for risk mitigation.
    • Serve as a key point of contact for vulnerability management, working closely with stakeholders across the organization to communicate risks, progress, and remediation efforts.
  • Secure Software Development Life Cycle
    • Collaborate with development teams to help define and build a robust secure software development life cycle by incorporating security testing, code scanning, and vulnerability assessment results to ensure security is embedded in all parts of the development life cycle.
  • Continuous Improvement
    • Identify and drive continuous improvement initiatives, to include Red Team and external penetration testing, to enhance the effectiveness and efficiency of the workflows and processes and scale with the business.
    • Collaborate with product teams to build Bug Bounty campaigns and hack-a-thons to help identify gaps regarding the effectiveness of our internal security and engineering practices.
  • Security Compliance
    • Oversee that SentinelOne security hardening standards are met, monitored, and maintained.
    • Ensure compliance with relevant regulatory requirements and industry standards (e.g., NIST, ISO 27001, PCI-DSS) through effective security assurance practices.
    • Help build and define training and awareness programs and guidance to promote a security-first mindset among development, operations, and business teams.
    • Stay current with emerging threats, vulnerabilities, and industry trends, incorporating new tools and techniques into the security workflows and processes.
  • Reporting
    • Prepare and present actionable reports on the status and trends of the security posture of the system to internal and external stakeholders.
    • Facilitate effective communication across teams and stakeholders regarding security updates and initiatives.
    • Handle business escalations with a data-driven approach to build trust with security, IT and engineering teams.
    • Create and manage project timelines, establish key milestones and major deliverables, ensure resource alignment, and drive teams forward.

What skills and knowledge should you bring?

  • Bachelor’s degree in cybersecurity, information technology, computer science, or a related field; advanced degree preferred.
  • 7+ years of progressive experience in cybersecurity, with at least 5+ years dedicated to building or supporting Vulnerability Management Programs.
  • 2-3 years of experience supporting DevSecOps, including integrating security practices into CI/CD pipelines and development processes.
  • Strong knowledge of vulnerability assessment tools (e.g., Nessus, Qualys, Tenable, Metasploit).
  • Familiarity with cloud security practices and platforms (e.g., AWS, Azure, Google Cloud).
  • Background and experience working with security frameworks and standards (e.g., NIST, ISO 27001, OWASP, CIS Controls).
  • Excellent project management skills with the ability to manage multiple projects and initiatives simultaneously.
  • Strong analytical, problem-solving, and communication skills, with the ability to present complex information to technical and non-technical audiences.
  • Hold relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or Certified Information Security Manager (CISM).

Why us?

You will be joining a cutting-edge company where you will tackle extraordinary challenges and work with the very best in the industry.

  • Medical, Vision, Dental, 401(k), Commuter, Health and Dependent FSA
  • Unlimited PTO
  • Industry-leading gender-neutral parental leave
  • Paid Company Holidays
  • Paid Sick Time
  • Employee stock purchase program
  • Disability and life insurance
  • Employee assistance program
  • Gym membership reimbursement
  • Cell phone reimbursement
  • Numerous company-sponsored events, including travel for conferences and team-building events

This U.S. role has a base pay range that will vary based on the location of the candidate. For some locations, a different pay range may apply. If so, this range will be provided to you during the recruiting process. You can also reach out to the recruiter with any questions.

Base Salary Range: $176,000–$242,000 USD

SentinelOne is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.

SentinelOne participates in the E-Verify Program for all U.S. based roles. 
