Principal DevSecOps Engineer

About the role

SentinelOne is looking for a DevSecOps Engineer to create and deploy Secure Software Development Lifecycle (SSDL) practices throughout the company. This engineer should have a background in DevOps and Application Security Assurance and expertise developing/deploying proactive security solutions. We need a highly motivated technical security expert to join SentinelOne’s InfoSec team to solve the problems of tomorrow while continuing to build and secure the foundations of today. You will work with various cutting-edge technologies to research, design, and implement defenses to secure and protect SentinelOne’s critical infrastructure and applications.

What will you do?

• Build the security strategy governing the applications and cloud-based platform infrastructure
• Collaborate with Infrastructure, DevOps, InfoSec and Application Engineers to understand the product, technology and business needs
• Define and own guidance, alerts, and security as code deployments, to provide protection from malicious traffic, vulnerabilities, and other attack vectors
• Simplify automation that applies security inter-workings with CI/CD pipelines
• Support the ability to “shift left” and incorporate security early on and throughout the development lifecycle including threat modeling and developer IDE security features.
• Architect procedures to automate security tasks which integrate into code builds and deployments
• Build security utilities and tools for internal enabling the AppSec team to operate at high speed and wide scale
• Build and maintain monitoring, auditing, and reporting frameworks that produce artifacts that support security and compliance needs
• Select new application security tools including vendor/tool assessments, and conduct full POC to prove that the security solutions/products are fit-for-purpose and fit-for-use
• Research security industry trends and best practices to share with the organization through presentations and training sessions

What skills & knowledge should you bring?

• 5+ years working in DevOps, DevSecOps, Application Security, or related field 
• Experience working with development and infrastructure teams in agile workflows, including Scrum and Kanban
• Experience with design, implementation, and rollout of DevSecOps automation and toolchain
• Experience building highly scalable, reliable internal CI/CD processes, platforms, and tools
• Understanding of containerized compute (e.g., Docker) and container orchestration (e.g., Docker Swarm, Kubernetes)
• Understanding of CloudFormation, Terraform, Ansible and Jenkins, and experience developing infrastructure as code
• Proficient securing Windows and *nix operating systems, applications, networking protocols and devices under a baseline requirement framework
• Experience with operations and security across Amazon Web Services (AWS), Microsoft Azure and Google Cloud Platform (GCP)
• Background and experience in SonarQube, Artifactory, Bamboo are desirable
• Understanding of OWASP, CVSS, the MITRE ATT&CK framework and the software development lifecycle (SDC) and how to balance the recommendations of each against business priorities
• Strong software engineering skills, a love for solving large complex problems, and ready to research, document, troubleshoot, and diagnose problems
• Passion for building tools that accelerate processes and improve engineering effectiveness

What we offer you

• Flexible working hours, In Prague & nearby we're working in a hybrid model with offices in Karlin, remotely in the rest of CZ or SK, with optional Brno offices for those who like to meet
• Generous employee stock plan in the form of RSUs (restricted stock units)
• Flexible Time Off (on top of the standard 5 weeks of vacation)
• Flexible Paid Sick Days
• Fully Paid Short Term Sick/Short Term Nursing Leave
• Global gender-neutral Parental Leave (16 weeks, beyond the leave provided by the local laws) & Grandparent Leave
• Volunteering paid day off & Additional paid Company holidays and Wellness days off (e.g. 6 days in 2022)
• Pension insurance contribution
• Premium Life Insurance covered by S1
• Cafeteria points (5.000 CZK/month), which you can spend on leisure & sports, kindergarten/school fees, travel etc. 
• Private medical care membership
• Global Employee Assistance Program (confidential counseling related to both personal and work life matters)
• High-end MacBook or Windows laptop, Home-office-setup gear & on top of that additional WFH Allowance
• Udemy Business platform for Hard/Soft skills Training & Support for your further educational activities/trainings
• Above-standard referral bonus
• Yearly bonus depending on the performance of the company
• On top of RSUs, you can benefit also from our attractive ESPP (employee stock purchase plan)
• Refreshments & snacks at the offices
• Optional company events for those who like to meet outside of work too (sport, BBQ, charity, offsite etc.)