Senior Security Engineer
Description For Senior Security Engineer
SonarSource is seeking a Senior Security Engineer to join their Information Security team in Bochum, Germany. This role is crucial in building trust with their growing customer base by ensuring product security and maintaining high security standards. The position involves working closely with engineering teams to secure products and cloud platforms, while also managing endpoint security and resolving security issues.
The ideal candidate will have extensive experience with cloud architectures (AWS, GCP), CI/CD platforms, and application security assessment methods. They should be proficient in threat modeling, pen-testing, and CVE management. The role requires both technical expertise in cloud security and soft skills such as curiosity, teamwork, and clear communication.
SonarSource offers a dynamic work culture with over 550 employees from 33 nationalities, emphasizing respect, continuous learning, and work-life balance. The company provides a hybrid work model with a minimum of three days in the office. They are committed to diversity, equity, and inclusion, making it an excellent opportunity for security professionals looking to make a significant impact in a growing, global organization.
The position combines technical security implementation with strategic planning, offering a chance to work on cutting-edge security solutions while contributing to the company's mission of delivering clean code. The role provides opportunities for professional growth, collaboration with global teams, and the satisfaction of building secure, high-quality software products.
Responsibilities For Senior Security Engineer
- Develop and deliver security initiatives through the Strategic Security Plan
- Procure, design, and implement new security tools and features
- Work with engineering teams to design and implement security solutions for products
- Run internal and external security reviews and pen-testing campaigns
- Investigate and resolve security issues in products and internal systems
- Review engineering product architecture and solutions
- Investigate and manage CVE and cloud platform configuration
- Manage and adjust cloud networks and firewalls
Requirements For Senior Security Engineer
- Extensive experience with Cloud architectures including AWS and GCP
- Extensive experience with CI/CD platforms
- Experience with application security assessment methods and reviews
- Experience with threat modeling using frameworks like STRIDE
- Pen-Testing experience
- CVE investigation and management experience
- End-point security experience with CrowdStrike and CyberArk
- Cloud network and firewall management
- Fluency in written and spoken English
Benefits For Senior Security Engineer
- Flexible work policy with hybrid work option
- Global and diverse work environment
- Continuous learning and skill development
- Dynamic work culture that values respect and kindness
- Work-life balance
