Security Product Manager at Sonar

Bochum, North Rhine-Westphalia, Germany

Compensation: Not Specified
Experience Level: Mid-level (3 to 4 years), Senior (5 to 8 years)
Job Type: Full Time
Visa: Unknown
Industries: Cybersecurity, Software Development

Requirements

  • Deep technical background in code security or static application security testing (SAST)
  • Experience in software product management, preferably in an agile context
  • Passionate about secure software development and application security testing
  • Deep understanding of the security needs in at least one speciality domain, e.g., cloud, IaC, or mobile security
  • Familiar with the application security testing (AST) market and its vendors
  • Technical comprehension of the architectures related to code scanning and static analysis
  • Highly autonomous and pragmatic
  • Open-minded and very positive

Responsibilities

  • Drive the vision and roadmap for SonarQube Cloud, SonarQube Server, and SonarQube for IDE
  • Shape the code security offering, ensuring developers write more secure code and have a seamless experience
  • Contribute to the product visions and communicate about them, internally and externally
  • Research, clarify, and prioritize opportunities to build and maintain an effective roadmap
  • Interact with users and customers on the product forum to support them, integrate feedback, and identify opportunities
  • Develop a deep understanding of code security and how SonarSource can enable developers to write more secure software
  • Work closely with other product managers to design cross-product features
  • Align with the engineering and UX teams on the problems to solve and support them during the end-to-end development stage
  • Sync with the engineering teams to ensure a balance between innovation, consolidation, and stability
  • Attend conferences and give talks (optional)
  • Help the Product Management team grow in its organization, tools, and processes

Skills

Product Management
Agile
SAST
AST
Static Analysis
Code Security
IaC
Cloud Security
Mobile Security
SonarQube

Sonar

Tools for code quality and security

About Sonar

SonarSource provides tools aimed at improving code quality and security for software developers. Its main products include SonarLint, an IDE plugin that gives real-time feedback on code quality; SonarQube, a self-managed solution for comprehensive code analysis and reporting; and SonarCloud, a cloud-based service that offers similar features with the convenience of cloud management. SonarSource operates on a subscription-based model, allowing clients to access its tools through annual subscriptions or usage-based pricing for cloud services. The company serves over 400,000 organizations worldwide, emphasizing the importance of writing clean, maintainable, and secure code. SonarSource's goal is to promote the philosophy of "Clean Code," which enhances the efficiency of development teams and improves the security and reliability of software applications.

Headquarters: Vernier, Switzerland
Year Founded: 2008
Total Funding: $444.6M
Company Stage: Late VC
Industries: Enterprise Software, Cybersecurity
Employees: 501-1,000

Benefits

Flexible Work Hours
Hybrid Work Options
Professional Development Budget

Risks

Tidelift acquisition may cause integration challenges, disrupting Sonar's operations.
Cultural challenges may affect the partnership with Adactin in Australia.
New distribution agreement with QBS Software may lead to channel conflicts.

Differentiation

SonarSource supports over 30 programming languages, offering broad compatibility for developers.
SonarLint provides real-time feedback in IDEs, enhancing code quality during development.
SonarQube and SonarCloud offer comprehensive code analysis, ensuring high standards for codebases.

Upsides

Sonar's acquisition of Tidelift enhances its open source software security capabilities.
Partnership with Adactin expands Sonar's reach in the Australian market.
Integration with AI-driven tools boosts Sonar's code quality assessment efficiency.
