Sonar - Staff Security Engineer

• You can demonstrate in‑depth experience with cloud architectures - primarily AWS and distributed networks, and you’re motivated to keep exploring how modern cloud patterns can both strengthen and weaken security. • You can demonstrate deep experience with application security assessments, including reviewing code and evaluating authentication and authorization designs with a high level of curiosity and rigor. • You can demonstrate experience assessing and securing AI, Agentic and MCPs, and you are eager to experiment, learn, and define best practices in this fast‑moving space. • You can demonstrate experience in penetration testing, red‑team engagements, and bug bounty programs, and you enjoy thinking like an attacker to protect what matters most. • You can demonstrate experience with vulnerability investigation and management, from triage and prioritization to driving remediation and learning across teams. • You can demonstrate experience with threat modeling using frameworks like STRIDE, and you naturally use these techniques to spark better design discussions. • You can demonstrate hands-on experience with coding, “vibe‑coding,” and scripting (for example, Python, Bash), and you enjoy building small tools and experiments that make security work faster and smarter. • Familiarity with Azure, GCP, and Google Workspace is a plus and so is a desire to keep learning new platforms and ecosystems as Sonar evolves. • Additional comments • This role is based in Geneva, Switerzland. We are unable to consider candidates unwilling to be in Geneva, but we are willing to relocate the right candidate.