Senior Security Engineer - (Offensive) at Sonar

Bochum, North Rhine-Westphalia, Germany

Compensation: Not Specified
Experience Level: Senior (5 to 8 years)
Job Type: Full Time
Visa: Unknown
Industries: Cybersecurity, Software Development, Technology

Requirements

  • Extensive experience (inferred from "The Experience You Will Need: Extensive experience wi" – likely in security engineering, offensive security, pen testing, or related fields)

Responsibilities

  • Collaborate with product engineering teams to design and implement secure solutions
  • Review product architectures and solutions to ensure integration of security requirements
  • Review cloud configuration and perform code reviews
  • Develop and implement security initiatives delivered through the strategic security plan
  • Procure, design, and implement new security tools or features
  • Conduct internal and external security reviews, pen testing, and red team exercises
  • Investigate and resolve security issues detected in products and internal systems
  • Investigate and manage customer security concerns
  • Act as a security SME for security incidents
  • Review threat intelligence findings and analyse threat landscapes

Skills

Key technologies and capabilities for this role

Offensive Security, Security Engineering, Code Security, Static Analysis, Vulnerability Assessment, Penetration Testing

Questions & Answers

Common questions about this position

What is the employment type for this Senior Security Engineer role?

This is an Employee / Full-Time position.

Is this Senior Security Engineer position remote or does it require office presence?

Sonar has a dynamic culture with employees worldwide and hub offices in the USA, Switzerland, the UK, Singapore, and Germany, but specific remote or location policy details are not specified.

What are the main responsibilities for this offensive security engineer role?

You will work with engineering teams to ensure products and cloud platforms are designed, built, and maintained to high security standards, assist through constant improvement, ensure endpoints are secure, and procure and deploy new solutions.

What is the company culture like at Sonar?

Sonar has a strong culture obsessed with the company, users, each other, and the open source community, emphasizing high standards, accountability, positivity, dedication, thoughtfulness, empathy, passion, clarity of intention, urgency, effectiveness, and operating as One Team with a CODE mindset.

What makes a strong candidate for this Senior Security Engineer position?

Strong candidates are brilliant, motivated, driven professionals passionate about supercharging developers, improving code quality and security, and building trust through secure products and platforms, with alignment to Sonar's high standards and open source roots.

Sonar

Tools for code quality and security

About Sonar

SonarSource provides tools aimed at improving code quality and security for software developers. Its main products include SonarLint, an IDE plugin that gives real-time feedback on code quality; SonarQube, a self-managed solution for comprehensive code analysis and reporting; and SonarCloud, a cloud-based service that offers similar features with the convenience of cloud management. SonarSource operates on a subscription-based model, allowing clients to access its tools through annual subscriptions or usage-based pricing for cloud services. The company serves over 400,000 organizations worldwide, emphasizing the importance of writing clean, maintainable, and secure code. SonarSource's goal is to promote the philosophy of "Clean Code," which enhances the efficiency of development teams and improves the security and reliability of software applications.

Headquarters: Vernier, Switzerland
Year Founded: 2008
Total Funding: $444.6M
Company Stage: LATE_VC
Industries: Enterprise Software, Cybersecurity
Employees: 501-1,000

Benefits

Flexible Work Hours
Hybrid Work Options
Professional Development Budget

Risks

Tidelift acquisition may cause integration challenges, disrupting Sonar's operations.
Cultural challenges may affect the partnership with Adactin in Australia.
New distribution agreement with QBS Software may lead to channel conflicts.

Differentiation

SonarSource supports over 30 programming languages, offering broad compatibility for developers.
SonarLint provides real-time feedback in IDEs, enhancing code quality during development.
SonarQube and SonarCloud offer comprehensive code analysis, ensuring high standards for codebases.

Upsides

Sonar's acquisition of Tidelift enhances its open source software security capabilities.
Partnership with Adactin expands Sonar's reach in the Australian market.
Integration with AI-driven tools boosts Sonar's code quality assessment efficiency.
