Information Security Specialist

📋 Description

• • As an Information Security Specialist at SonarSource SA, you will play a pivotal role in safeguarding our rapidly expanding customer base by ensuring the Sonar organization upholds the highest standards of security. This position is integral to building and maintaining the trust our users place in us, a trust that is fundamental to our continued growth and success.
• • You will be a key member of the Information Security team, operating from our Austin, Texas office. Your responsibilities will span providing critical security support across various departments, including our engineering teams, senior management, and, when necessary, the incident management team. This cross-functional engagement ensures that security is embedded in all aspects of our operations.
• • A significant part of your role will involve proactive security measures, including the identification, assessment, and mitigation of potential security risks and vulnerabilities within our systems and processes. You will contribute to the development and implementation of robust security policies, procedures, and best practices that align with industry standards and regulatory requirements.
• • You will be instrumental in conducting security reviews of new features, products, and infrastructure changes, ensuring that security considerations are addressed from the initial design phase through to deployment. This includes collaborating closely with engineering teams to integrate security into the software development lifecycle (SDLC), promoting a secure-by-design approach.
• • Your expertise will be crucial in monitoring our security posture, utilizing various tools and technologies to detect and respond to security incidents. This involves participating in incident response activities, performing forensic analysis, and contributing to post-incident reviews to identify lessons learned and implement preventative measures.
• • You will also be involved in security awareness training and education for employees, fostering a security-conscious culture throughout the organization. This includes developing and delivering training materials and promoting best practices for data protection and cybersecurity.
• • Furthermore, you will contribute to compliance efforts, assisting in audits and assessments to ensure adherence to relevant security frameworks and regulations. This may involve gathering evidence, documenting controls, and working with external auditors.
• • The role requires a deep understanding of common security threats, attack vectors, and mitigation strategies. You will stay abreast of the latest security trends, technologies, and vulnerabilities to ensure Sonar remains at the forefront of information security.
• • Your positive contributions will significantly impact the growth of the business through Sonar’s “collective intelligence” mindset, where shared knowledge and collaborative problem-solving drive our security initiatives forward.
• • You will work with a team that is deeply committed to the company, its users, and the open-source community, embodying Sonar's core values of positivity, dedication, thoughtfulness, empathy, and passion.
• • This position offers a unique opportunity to contribute to a company that is revolutionizing code quality and security, enabling developers worldwide to build better, faster, and more secure applications. You will be part of a dynamic culture with employees worldwide, working on a product you can be proud of and feeling energized by your peers.
• • The impact you will have extends to enhancing the developer experience by ensuring the integrity and security of the tools they rely on, ultimately contributing to the creation of more secure, reliable, and maintainable applications across the globe.
• • You will be an active participant in the continuous improvement of code quality and code security, directly supporting Sonar's mission to help developers focus on innovation rather than toil.
• • This role is essential in maintaining the trust of our +7M developers and 400K organizations worldwide, including prominent entities like the DoD, Microsoft, NASA, MasterCard, Siemens, and T-Mobile.
• • You will be a key player in a fast-paced, agile environment, where decisions are made with clarity of intention, and progress is achieved with extreme urgency and efficiency.
• • Ultimately, you will help ensure that Sonar's solutions, which support over 30 programming languages, frameworks, and infrastructure technologies, remain secure and reliable for all users.