Senior Security Engineer - (Offensive) at Sonar

Bochum, North Rhine-Westphalia, Germany

Compensation: Not Specified
Experience Level: Senior (5 to 8 years)
Job Type: Full Time
Visa: Unknown
Industries: Technology, Software Development, Cybersecurity

Requirements

  • Extensive experience with security engineering, particularly in offensive security practices

Responsibilities

  • Collaborate with product engineering teams to design and implement secure solutions
  • Review product architectures and solutions to ensure integration of security requirements
  • Review cloud configuration and perform code reviews
  • Develop and implement security initiatives delivered through the strategic security plan
  • Procure, design, and implement new security tools or features
  • Conduct internal and external security reviews, pen testing, and red team exercises
  • Investigate and resolve security issues detected in products and internal systems
  • Investigate and manage customer security concerns
  • Act as a security SME for security incidents
  • Review threat intelligence findings and analyse threat landscapes

Skills

Key technologies and capabilities for this role

Offensive Security, Penetration Testing, Security Engineering, Code Security, Vulnerability Assessment, Red Teaming, Ethical Hacking

Questions & Answers

Common questions about this position

What is the employment type for this Senior Security Engineer role?

This is an Employee / Full-Time position.

Is this Senior Security Engineer position remote or does it require office presence?

Sonar has a dynamic culture with employees worldwide and hub offices in the USA, Switzerland, the UK, Singapore, and Germany, but specific remote or location policy for this role is not detailed.

What skills are needed for the Senior Security Engineer - Offensive role?

The role requires expertise in offensive security to work with engineering teams on designing, building, and maintaining secure products and cloud platforms, ensuring endpoints are secure, and deploying new security solutions.

What is the company culture like at Sonar?

Sonar emphasizes a strong culture of positivity, dedication, thoughtfulness, empathy, and passion, operating as One Team with high standards, clarity of intention, urgency, and efficiency; they follow a CODE mindset and are rooted in the open source community.

What makes a strong candidate for this Senior Security Engineer position?

Strong candidates are brilliant, motivated, and driven professionals passionate about security, capable of building trust through high security standards, and aligned with Sonar's mission to supercharge developers with secure products.

Sonar

Tools for code quality and security

About Sonar

SonarSource provides tools aimed at improving code quality and security for software developers. Its main products include SonarLint, an IDE plugin that gives real-time feedback on code quality; SonarQube, a self-managed solution for comprehensive code analysis and reporting; and SonarCloud, a cloud-based service that offers similar features with the convenience of cloud management. SonarSource operates on a subscription-based model, allowing clients to access its tools through annual subscriptions or usage-based pricing for cloud services. The company serves over 400,000 organizations worldwide, emphasizing the importance of writing clean, maintainable, and secure code. SonarSource's goal is to promote the philosophy of "Clean Code," which enhances the efficiency of development teams and improves the security and reliability of software applications.

Headquarters: Vernier, Switzerland
Year Founded: 2008
Total Funding: $444.6M
Company Stage: Late VC
Industries: Enterprise Software, Cybersecurity
Employees: 501-1,000

Benefits

Flexible Work Hours
Hybrid Work Options
Professional Development Budget

Risks

Tidelift acquisition may cause integration challenges, disrupting Sonar's operations.
Cultural challenges may affect the partnership with Adactin in Australia.
New distribution agreement with QBS Software may lead to channel conflicts.

Differentiation

SonarSource supports over 30 programming languages, offering broad compatibility for developers.
SonarLint provides real-time feedback in IDEs, enhancing code quality during development.
SonarQube and SonarCloud offer comprehensive code analysis, ensuring high standards for codebases.

Upsides

Sonar's acquisition of Tidelift enhances its open source software security capabilities.
Partnership with Adactin expands Sonar's reach in the Australian market.
Integration with AI-driven tools boosts Sonar's code quality assessment efficiency.
