AppSec Engineering Manager

SonarSource

SonarSource

Software Engineering, Other Engineering
Geneva, Switzerland
Posted 6+ months ago
Why should I Apply:
At Sonar, we’re a group of brilliant, motivated, and driven professionals working hard to help organizations build responsible, secure, high-quality code quickly and systematically. We build solutions that don’t just solve symptoms of problems – we fix problems at the source – source code, to be specific.
We have a dynamic culture with employees worldwide and hub offices in the USA, Switzerland, the UK, Singapore, and Germany. We believe team members should have the opportunity to come to work every day, work on a product they are proud of, love what they do, and feel energized by their peers. With our roots deep in the open source community, we’re all about the mission: provide solutions that deliver Clean Code.
The impact you will have
You will be responsible for a team of talented AppSec Researchers / Engineers who play a central role in realizing our goals to provide the best static application security testing (SAST) solution on the market. Like us, you believe that application security is not the responsibility of a few experts and that developers can have the biggest impact when they get the right information at the right time.
As the Engineering Manager of the AppSec Squad inside the Languages Team, you are responsible for building the long-term vision of AppSec Engineering at Sonar, ensuring the team is well-staffed and resourced to deliver, and leading by example to fostering a culture of growth, self-direction, and innovation.
As part of the role, you will participate in an on-call rotation to provide timely support and address any critical system issues that may arise outside of regular working hours.

In this role, you can expect to

  • Lead and manage a team of AppSec Researchers / Engineers, providing feedback, guidance, support, and mentorship to help individuals grow in autonomy and contribute to the squad's success.
  • Foster a safe culture of feedback, continuous improvement, and collaboration, encouraging team members to share their ideas and concerns openly.
  • Align feedback with other teams to ensure things operate smoothly between them.
  • Develop and communicate a clear vision for the squad that aligns with the company strategy, and ensure that the team's work and focus align with this vision.
  • Be responsible that the squad defines clear goals aligned with the team, department, and company.
  • Be accountable that the squad tracks sprints and progress.
  • Be accountable that processes and ceremonies align with company expectations to deliver the best product successfully.
  • Ensure the right level of collaboration happens with the squad stakeholders (Product Managers, developer squads, Developer Advocates, management, etc.).
  • Hire world-class AppSec Engineers for the team. Participate in constructing the hiring process for the team and ensure we can recruit enough to reach our goals.
  • Be accountable for the onboarding of new team members.
  • Model the behaviors and values that the company holds dear, including humility and servant leadership.

The technical skills you demonstrate

  • Relevant experience in the AppSec domain, including knowing the most common types of vulnerabilities and how to locate vulnerabilities in the code.
  • Having a developer mindset: experience with coding lifecycle, ability to produce secure code, to do code reviews, and jump into an unknown codebase, language, and framework.
  • Good knowledge of at least one programming language along with its development environment to understand end-users context and expectations.
  • Experience with Agile methodologies.

The leadership skills you demonstrate

  • At least 3 years of experience in a leadership or management role, with a proven track record of delivering results and building high-performing teams.
  • A growth mindset and a passion for helping individuals and teams reach their full potential.
  • Strong decision-making skills, with the ability to prioritize tasks and resources effectively.
  • Capability to make concrete progress in the face of ambiguity and imperfect knowledge.

The soft skills you demonstrate

  • Excellent communication and interpersonal skills.
  • Ability to start with the Why instead of the What or How. Ability to deliver effective feedback.
  • Good listening skills.
  • High level of self-direction and still accepting help and feedback from team members and peers.
  • Ability for self-reflection and improvement.
Why you will love it here:
Our culture and mission set us apart. We have a dynamic work culture that values respect and kindness – and embraces the right to fail (and get right back up again!). We believe that the best idea wins and everyone has a voice.
We believe that great people make a great company. We value people skills as much as technical skills and strive to keep things friendly and laid-back while still being passionate leaders in our domains. Our 550+ SonarSourcers from 33 different nationalities can relate!
We embrace work-life balance. It is important to maintain a healthy work-life balance. This is why we have a flexible work policy that includes remote and in-office hybrid work (minimum three days a week in the office - Monday/Tuesday/Thursday).
We have a growth mindset. We love to learn and believe that continuous education is critical to our success. In an ever-changing industry, new skills are a must, and we're happy to help our team acquire them.
We prioritize Diversity, Equity, and Inclusion:
At Sonar, we are a global workforce and recognize the value of different backgrounds, and global cultures.
We are committed to creating a diverse work environment and are proud to be an equal-opportunity employer. All qualified applicants will be considered for employment without regard to race, colour, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.
All offers of employment at Sonar are contingent upon the clear results of a comprehensive background check conducted prior to the start date.