logo inner

Security Governance Officer

SonarBochum, GermanyOnsite

Why should I Apply:


At Sonar, we’re a group of brilliant, motivated, and driven professionals working hard to help organizations build responsible, secure, high-quality code quickly and systematically. We build solutions that don’t just solve symptoms of problems – we fix problems at the source – source code, to be specific.We have a dynamic culture with employees worldwide and hub offices in the USA, Switzerland, the UK, Singapore, and Germany. We believe team members should have the opportunity to come to work every day, work on a product they are proud of, love what they do, and feel energized by their peers.

With our roots deep in the open source community, we’re all about the mission: provide solutions that deliver Clean Code.The impact you can haveWe have a primary goal to ensure the security of our products and the security of our organization meet stringent standards to demonstrate to our rapidly growing customer base how seriously we take security. We have an exciting business agenda ahead and want to continue building customer trust by strengthening our security profile, ensuring a zero-trust architecture, and expanding our suite of independent certifications. Sonar has been ISO 27001 certified since 2022, and we are now pursuing SOC2 Type 2.To achieve this goal, we are seeking a talented security governance professional to join the Security Governance team.

You will have extensive experience implementing security governance frameworks and managing audit processes. You will raise the bar for our security processes, procedures, and controls across our organization, ensuring they are designed and implemented to levels that will bring value to the organization and satisfy an independent audit. As part of a team-based organization, your contributions will impact the growth of our business via Sonar’s “collective intelligence” mindset.

On a daily basis, you will


  • Formalize the security controls objectives, testing framework, and measurements.
  • Perform the controls testing and identify improvement activities to ensure compliance with internal security policies and external regulations.
  • Liaise with all departments to assess the compliance gaps, determine the remediation actions to close them, and track and report progress.
  • Contribute to the implementation of the trust service principles required for SOC compliance and auditing of the systems and processes to obtain SOC2 reports.
  • Contribute to the continuous improvement of the ISO 27001 Information Security Management System.
  • Perform security risk assessments, perform in-depth analysis, design mitigating security controls, and document the gaps and actions.
  • Design, generate, or source metrics, providing status reports on gaps, exceptions, and risks through key indices.
  • Deliver information security awareness campaigns, training, and educational activities.
  • Contribute to decision-making processes to be aligned with business security objectives and risk tolerance.
  • Contribute to aligning information security with business goals.
  • Basis the learnings from internal and external assessments, measuring information security against internal policies and procedures to raise the bar of the overall information security program.
  • Contribute to the Business Continuity, Disaster Recovery, Vulnerability Management and Application Security processes.

The skills you will demonstrate


  • You have at least 5 years of Security Governance, managing security risk, implementing and testing controls.
  • You have experience implementing and maintaining compliance with ISO 27001 standards and/or the SOC trust principles.
  • You have experience managing internal and external audits through careful preparation and post-audit activities.
  • You have experience working with GRC tools or Trust Center equivalents.
  • You have experience addressing Information Security issues in a broad range of IT disciplines, infrastructures, and technologies.
  • You have experience with SaaS/Cloud technologies and on-premise software delivery.
  • You have experience working on cross-team projects across a global organization.
  • You have experience reporting and presenting operational activity and project progress.
  • You are a friendly, enthusiastic, and organized team player. You actively share your knowledge and give and receive feedback to improve the team and yourself.  
  • You are fluent in English, both written and spoken.

Why you will love it here:


• Our culture and mission set us apart. We have a dynamic work culture that values respect and kindness – and embraces the right to fail (and get right back up again!). We believe that the best idea wins and everyone has a voice.• We believe that great people make a great company. We value people skills as much as technical skills and strive to keep things friendly and laid-back while still being passionate leaders in our domains. Our 550+ SonarSourcers from 33 different nationalities can relate!• We embrace work-life balance.

It is important to maintain a healthy work-life balance. This is why we have a flexible work policy that includes remote and in-office hybrid work (minimum three days a week in the office - Monday/Tuesday/Thursday).• We have a growth mindset. We love to learn and believe that continuous education is critical to our success. In an ever-changing industry, new skills are a must, and we're happy to help our team acquire them.

We prioritize Diversity, Equity, and Inclusion:


At Sonar, we are a global workforce and recognize the value of different backgrounds, and global cultures.We are committed to creating a diverse work environment and are proud to be an equal-opportunity employer. All qualified applicants will be considered for employment without regard to race, colour, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.All offers of employment at Sonar are contingent upon the clear results of a comprehensive background check conducted prior to the start date.Apply for this job

Life at Sonar

Thrive Here & What We Value- Safe Work Culture: Respectful, kind, and supportive environment; encourages calculated risk-taking without fear of unjust consequences.- Hiring Great People: Emphasizes strong communication skills alongside technical expertise; fosters open dialogue and innovation.- Promoting Continuous Learning: Encourages lifelong learning through training programs, workshops, and resources for skill development.- Work-Life Balance: Offers flexible working hours to prioritize personal lives while maintaining productivity at work.- Core Values: Smarter Together, Excellence, Innovation, Delivery; guides actions towards collaboration, creativity, and exceptional results.- Zero-Tolerance Policy: Fosters an inclusive environment free from discrimination based on race, gender, age, religion, disability, sexual orientation, or other protected characteristics.- Teamwork: Leverages individual strengths through collaboration to achieve company goals and build strong relationships with partners, customers, and stakeholders.- Client-Centric Approach: Prioritizes client needs by delivering high-quality services that meet or exceed expectations while upholding ethical business practices.- Leadership Development: Investment in employee growth through leadership development opportunities to nurture future industry leaders.- Continuous Improvement: Committed to evaluating and adapting processes, products, and services for innovation and staying ahead of industry trends while encouraging personal growth.
View more
Your tracker settings

We use cookies and similar methods to recognize visitors and remember their preferences. We also use them to measure ad campaign effectiveness, target ads and analyze site traffic. To learn more about these methods, including how to disable them, view our Cookie Policy or Privacy Policy.

By tapping `Accept`, you consent to the use of these methods by us and third parties. You can always change your tracker preferences by visiting our Cookie Policy.

logo innerThatStartupJob
Discover the best startup and their job positions, all in one place.
Quick SearchSearch JobsSearch Remote Jobs hiring WorldwideSearch Remote Jobs in the USSearch Jobs in IndiaSearch Remote Jobs in UKSearch by Title
AreaCaliforniaMassachusettsNew YorkTexasVirginiaWashington D.C.View all
Popular SubRemote JobsWeb3 JobsiOS Developer JobsFront End Developer Remote JobsComputational Geometry JobsCannabis CareersView all
CompanyAbout UsContact usBlogCreditsCareersPrivacy PolicyCookie Policy
Copyright © 2024