Staff Cloud Security Engineer

We are looking for a detail-oriented and proactive candidate who loves Security and is familiar with DevOps/SRE principles with excellent communication skills to help secure SentinelOne's cloud services and offerings.

• Implement and maintain our cloud security architecture, policies, and automation
• Drive cloud security solutions within our existing architecture frameworks (e.g. credential management, access provisioning, authentication and authorization, data security, network security, application security, infrastructure security, security monitoring, and operational security)
• Writing tools and scripts to automatically remediate known issues and other security automation needs
• Perform day-to-day security tasks within AWS, GCP, Azure, and other future cloud environments,  including managing firewalls, organizational policies, reviewing logs, modifying IAM, and anything else required to secure our clouds
• Guide SentinelOne in larger architecture plans within all current and future cloud environments
• Promote cloud security hygiene that conforms to existing security and compliance requirements such as SOC II and FedRAMP
• Report cloud security risks to all relevant stakeholders, including the identification and implementation of solutions to reduce our cloud security risk and exposure
• Stay up-to-date on the latest threats and the changes to cloud offerings and other tools to counter those dangers
• Be a security champion throughout the organization by encouraging security awareness and implementing best practices through developing and facilitating internal training materials
• Elevate and guide the existing Information Security team with your background and knowledge of proven security solutions
• Promote and develop a culture of high performance by automating infrastructure provisioning, deployments, and management processes by using Infrastructure as Code (IaC) tools such as Terraform, Pulumi, CloudFormation, and Helm
• Advise and collaborate with the rest of the Information Security team and Engineering groups in building the future of SentinelOne 
• Communicate with management and peers by creating and tracking KPIs or OKRs

• 6+ years of experience supporting a cloud-based SaaS in an InfoSec capacity and or an operational capacity, like DevOps/SRE/Security Engineering with at least one year of experience with primarily security duties
• 4+ years working with one of our main cloud providers (AWS, GCP, Azure)
• Strong knowledge of cloud basics in the following areas: Compute, IAM, KMS, VPC, Networking, Firewalls, and native cloud security tools (e.g. AWS GuardDuty, CloudTrail, Shield, etc; GCP Secret Manager, Cloud Audit Logs, etc)
• Experience designing scalable and secure cloud networks in a multi-region environment
• Understanding of Infrastructure as Code industry best practices and how to implement them (Terraform, Pulumi, CloudFormation, Helm, etc)
• Proficiency in one or more programming languages, such as Python
• Knowledge of cloud deployment pipelines, and applied experience with Agile Software Development Life Cycle practices
• Practical knowledge of what it means to validate that an environment is meeting all security and compliance controls including assembling reports, gathering evidence, creating diagrams, and otherwise assisting with the audit process

• Experience with containers and microservices such as Kubernetes, EKS, GKE, and ECS
• Experience with Serverless technologies like Lambda and Cloud Functions/Cloud Run
• AWS Certified Solutions Architect, AWS Certified SysOps, AWS Certified Advanced Networking Specialty, AWS Certified Security Specialty, Azure AZ-500, Google Professional Cloud Security Engineer, and/or CISSP
• CNCF CKA and/or CKS
• Experience operating under regulatory frameworks such as SOC II, and ISO 27001

Join a cutting-edge company tackling extraordinary challenges alongside top industry talent. Enjoy flexible hybrid work in Prague (Karlin), Brno (Clubco), or remotely across CZ/SK. Only Prague-based employees are required to work from the office at least two days per week.

Competitive Benefits Package:

• Stock & Bonuses: Grant of Restricted Stock Units with a 4-year vesting plan, annual performance-based bonuses, and an employee stock purchase plan.
• Time Off & Well-being: Flexible Time Off, on top of the standard 5 weeks vacation, flexible paid sick days, fully paid Short Term Sick/Nursing Leave, 16-week parental leave, grandparent leave, and additional company holidays.
• Insurance & Health: Pension Insurance Contribution, Premium life insurance, Private medical care (for you and +1), and a Global Employee Assistance Program.
• Work Perks: Monthly meal and well-being allowance, high-end MacBook/Windows laptop, work-from-home support, and in-office refreshments.
• Growth & Community: LinkedIn Learning, internal mentoring, educational support, generous referral bonuses, and optional company events (sports, BBQs, charity).

Be part of an inclusive, innovative workplace that values belonging, flexibility, and growth