Senior Security Engineer - (Offensive) at Sonar

Bochum, North Rhine-Westphalia, Germany

Compensation: Not Specified
Experience Level: Senior (5 to 8 years)
Job Type: Full Time
Visa: Unknown
Industries: Cybersecurity, Software Development, Technology

Requirements

  • Extensive experience (inferred from "The Experience You Will Need: Extensive experience wi" – likely in security engineering, offensive security, pen testing, or related fields)

Responsibilities

  • Collaborate with product engineering teams to design and implement secure solutions
  • Review product architectures and solutions to ensure integration of security requirements
  • Review cloud configuration and perform code reviews
  • Develop and implement security initiatives delivered through the strategic security plan
  • Procure, design, and implement new security tools or features
  • Conduct internal and external security reviews, pen testing, and red team exercises
  • Investigate and resolve security issues detected in products and internal systems
  • Investigate and manage customer security concerns
  • Act as a security SME for security incidents
  • Review threat intelligence findings and analyse threat landscapes

Skills

Offensive Security
Security Engineering
Code Security
Static Analysis
Vulnerability Assessment
Penetration Testing

Sonar

Tools for code quality and security

About Sonar

SonarSource provides tools aimed at improving code quality and security for software developers. Its main products include SonarLint, an IDE plugin that gives real-time feedback on code quality; SonarQube, a self-managed solution for comprehensive code analysis and reporting; and SonarCloud, a cloud-based service that offers similar features with the convenience of cloud management. SonarSource operates on a subscription-based model, allowing clients to access its tools through annual subscriptions or usage-based pricing for cloud services. The company serves over 400,000 organizations worldwide, emphasizing the importance of writing clean, maintainable, and secure code. SonarSource's goal is to promote the philosophy of "Clean Code," which enhances the efficiency of development teams and improves the security and reliability of software applications.

Headquarters: Vernier, Switzerland
Year Founded: 2008
Total Funding: $444.6M
Company Stage: LATE_VC
Industries: Enterprise Software, Cybersecurity
Employees: 501-1,000

Benefits

Flexible Work Hours
Hybrid Work Options
Professional Development Budget

Risks

Tidelift acquisition may cause integration challenges, disrupting Sonar's operations.
Cultural challenges may affect the partnership with Adactin in Australia.
New distribution agreement with QBS Software may lead to channel conflicts.

Differentiation

SonarSource supports over 30 programming languages, offering broad compatibility for developers.
SonarLint provides real-time feedback in IDEs, enhancing code quality during development.
SonarQube and SonarCloud offer comprehensive code analysis, ensuring high standards for codebases.

Upsides

Sonar's acquisition of Tidelift enhances its open source software security capabilities.
Partnership with Adactin expands Sonar's reach in the Australian market.
Integration with AI-driven tools boosts Sonar's code quality assessment efficiency.
