Publication date:27 January 2023
Place of work:PO BOX 765, 1215 Geneva 15
The Impact you can have
SonarSource has an objective to ensure the security of our products and the security of our organization meet stringent standards to demonstrate to our rapidly growing customer base how seriously we take security. To achieve this goal, we are looking for a talented Security Tester to join the team to continue to raise the bar for the security of our products, cloud platforms, software delivery pipelines, and operational activities.
On a daily basis, you will
- Uncover, discuss, exploit and report critical and complex vulnerabilities in our products, infrastructure, cloud platforms, and internal tools
- Perform specification reviews and code audits of both internal tools and our products
- Provide input to internal processes and policies to help continuous environment hardening
- Automate the detection of vulnerabilities to bring efficiency to our security testing
- Stay up-to-date with cutting-edge security topics and new attack vectors
- Communication of findings/innovations internally
- Showcase attacks for colleagues so people understand the threat actor’s capabilities
- Share your findings with colleagues to foster knowledge sharing and awareness
- Manage third-party pen-testings of our products, including learning from them to understand the gaps in our armory
Required Technical Skills
- You have a proven track record of code review to find critical security vulnerabilities in web applications.
- You have strong knowledge of the AWS Cloud Services, working knowledge of other cloud platforms, and microservice architectures
- You have a deep understanding of major security vulnerability types, how to spot these in source code, and how to exploit them with different techniques
- You have a good understanding of the CVE Process
- You understand authentication and authorization mechanisms, including single sign-on patterns
- You have a broad knowledge and experience of the tools and software used for security testing
Required Soft Skills
- Analytical and problem-solving skills to identify and assess risks, threats, patterns, and trends
- Taking initiative and having the ability to lead a subject from beginning to end
- Open-minded and very positive can-do attitude
- Comfortable in dealing with change and complexity
- Self-confident enough to challenge the status quo
- Friendly, enthusiastic, and organized team player, actively share your knowledge and give and receive feedback, to improve the team and yourself
- Fluent in English, both written and spoken
- Safe work culture - we value respect, kindness, and the right to fail.
- Flexible hours - we schedule our days in order to be effective at work, while also being able to enjoy life’s important moments.
- Great people - we value people skills as much as technical skills and strive to keep things friendly and laid back. Still, that does not prevent us to be passionate leaders in our domains. Our 300+ SonarSourcers from 33 different nationalities can relate!
- Work-life balance - keeping a healthy work-life balance is important. This is why we have a hybrid work policy and some people prefer working some days from home.
- Always keep learning - in an ever-changing industry, learning new skills is a must, and we're happy to help our team to acquire them.
What we do
Who we are
No recruitment agencies please