About the Job

Ensure product and cloud platform security through design, implementation, and incident management at SonarSource.

Key Responsibilities

Implement security initiatives
Procure and design security tools
Collaborate on product security design
Conduct security reviews and pen-tests
Investigate security issues
Review product architecture for security
Manage CVE and cloud configurations
Manage cloud networks and firewalls

Job Description

Senior Security Engineer - SonarSource SA

Location: Vernier, CH-013, Switzerland (On-site)

About SonarSource SA

At Sonar, we’re a group of brilliant, motivated, and driven professionals working to help organizations build responsible, secure, and high-quality code quickly and systematically. We build solutions that fix problems at the source — source code.

We have a dynamic culture with employees worldwide, with hub offices in the USA, Switzerland, the UK, Singapore, and Germany. We foster an environment where team members can be proud of their work and energized by their peers, deeply rooted in the open-source community and our mission to provide solutions delivering Clean Code.

Impact and Role

Our primary goal is to build trust with our rapidly growing customer base by ensuring product security and demonstrating adherence to stringent security standards.

As a member of the Information Security team, you will:

Partner with engineering teams to design, build, and maintain products and cloud platforms to Sonar’s high security standards.
Ensure endpoints are fully secure and meet engineers' needs by procuring and deploying new solutions.
Investigate and resolve security issues.
Contribute to the growth of our business through Sonar’s “collective intelligence” mindset.

Daily Responsibilities

Develop and deliver security initiatives within the Strategic Security Plan.
Procure, design, and implement new security tools and features.
Collaborate with engineering teams on product security design and implementation.
Conduct internal and external security reviews and penetration testing campaigns.
Investigate and resolve security issues in products and internal systems.
Review engineering product architecture to ensure security requirements integration.
Manage CVE and cloud platform configurations.
Manage and adjust cloud networks and firewalls.

Technical Skills Required

Extensive experience with Cloud architectures including AWS and GCP.
Extensive experience with CI/CD platforms.
Experience with application security assessment methods including authentication and authorization.
Experience with threat modeling frameworks like STRIDE.
Penetration testing experience.
CVE investigation and management.
Endpoint security tools (e.g., CrowdStrike, CyberArk).
Cloud network and firewall management.
Azure platform and Google Workspace experience are a plus.

Soft Skills

Naturally curious.
Friendly, enthusiastic, and organized team player.
Actively share knowledge and give/receive feedback.
Ability to clearly identify and articulate problems before solving.
Experience working on cross-team projects across global organizations.
Fluency in written and spoken English.

Why Join Sonar

Dynamic culture valuing respect, kindness, and learning from failures.
Passionate leadership with a team of over 550 from 33 nationalities.
Flexible hybrid work policy (minimum 3 days onsite: Monday, Tuesday, Thursday).
Commitment to continuous education and skill development.
Strong commitment to diversity, equity, and inclusion.
Equal opportunity employer.

All offers are contingent on successful background checks.

Contact

Contact Person

Krystal Arcoraci

Senior Security Engineer