Job Description

Employment Type: Full-Time

Position Overview

Sonatype is the software supply chain security company. We provide the world’s best end-to-end software supply chain security solution, combining proactive protection against malicious open source, enterprise-grade SBOM management, and the leading open-source dependency management platform. This empowers enterprises to create and maintain secure, quality, and innovative software at scale. As founders of Nexus Repository and stewards of Maven Central, the world’s largest repository of Java open-source software, we are software pioneers with unmatched open-source expertise. We empower innovation with an unparalleled commitment to build faster, safer software and harness AI and data intelligence to mitigate risk, maximize efficiencies, and drive powerful software development. More than 2,000 organizations, including 70% of the Fortune 100 and 15 million software developers, rely on Sonatype to optimize their software supply chains.

We are looking for team members who want to help us change the way the world innovates through software. The Sonatype team has already done this through its contributions to the Maven build system, the Nexus Repository Manager and Nexus Lifecycle, and most recently with Sonatype SBOM manager – literally changing the way the world creates and delivers software across thousands of organizations and millions of developers. That was just the beginning. We need your help so that we can do it again. If you are interested in delivering value across nearly every decision made in the world of software development, to help companies create better and safer software faster, to transform innovation through software, read on.

Who You Are and What You'll Do

You are an engineer with 4+ years of experience running high availability systems and supporting infrastructure in customer-facing production environments. You are motivated by the opportunity to define repeatable practices for service delivery via modular, reusable automation and a developer platform that enables self-service delivery of services. You will also participate in the governance controls that reduce risk and promote standardization across the organization.

You will be a member of the Sonatype Developer Experience team, which has a wide range of responsibilities to drive service delivery excellence for Sonatype products and services that are customer-facing and customer-adjacent. You will refine a set of high-level enablement practices – for instance, design review, service launch coordination, production readiness assessment, service level objective definition/review, incident management, and cost awareness – to support delivery teams at various phases of their service lifecycle and maturity. You will collaborate closely with Sonatype delivery teams to define product-specific metrics and remediations through system analysis, testing, and fault troubleshooting.

What You Need

• Proficiency with a high-level programming language (e.g., Python, Go), bash scripting, and Linux.
• Proficiency in modern technical operating practices.
• System architecture & design experience.
• Continuous integration / continuous delivery (Jenkins, FluxCD, and GitHub Actions).
• Infrastructure as Code (Terraform).
• Cloud services (AWS) and Kubernetes.
• SRE principles & practices.
• Experience with specific AWS offerings, including many of: ECS/EKS/ECR, EC2, S3, RDS, VPCs, IAM Policy Docs, Policies, Roles, and Instance Profiles, Cloudwatch Logs.
• Docker Containers and orchestration (ECS, EKS).
• Terraform and the use of Terraform modules.
• Kubernetes cluster concepts and design.
• Experience improving service observability: monitoring agents, metrics, logging, and dashboards. Knowledge of OpenTelemetry and Prometheus and observability platforms similar to DataDog, Splunk, Dynatrace, or Observe.
• Comfortable participating in an on-call rotation with teammates to respond and triage production issue escalations during off-hours.