Senior Application Security Engineer

Sonos


Job Location:

Glasgow - UK

Monthly Salary: Not Disclosed
Posted on: 4 days ago
Vacancies: 1 Vacancy

Job Summary

At Sonos we want to create the ultimate listening experience for our customers and know that it starts by listening to each other. As part of the Sonos team youll collaborate with people of all styles skill sets and backgrounds to realize our vision while fostering a community where everyone feels included and empowered to do the best work of their lives.

About Sonos

Sonos makes the worlds leading listening experiences and the products behind them span a technically diverse ecosystem: embedded firmware mobile applications web platforms cloud services and partners. If youre looking for an opportunity to apply security principles across technical domains and work on an outstanding consumer product this is a great opportunity.

The Product Security team combines modern security tooling automation and AI with industry-defining security frameworks and direct development team partnerships. We enable secure-by-design and secure-by-default practices that are a natural part of how engineers work. Were creating AI-powered workflows that encode security guidelines automate the groundwork for threat modeling and replace manual triage with intelligent pipelines. If you think security policy should run in a pipeline rather than live in a document youll fit right in.

What Youll Do

Youll own the execution layer of product security the systems tooling and processes that make security practice consistent and measurable across cloud mobile and embedded engineering domains.

Automate and scale security practice

  • Integrate and operationalize security tooling (SAST SCA secrets scanning DAST SBOM) across engineering workflows ensuring findings are high-signal and actionable

  • Partner with engineering teams to embed secure-by-design and secure-by-default practices directly into how they build

  • Build and extend AI-powered security tooling that encodes guidelines as automated workflows replacing manual review steps with intelligent pipelines that run in CI/CD

Test assess and design securely

  • Lead and scale threat modeling across cloud mobile and embedded domains including device-cloud-mobile trust boundaries

  • Establish repeatable security testing practices using automation and targeted manual assessment

  • Scope and coordinate third-party penetration testing engagements across cloud mobile web and connected devices including IoT and firmware assessments

Respond and comply

  • Support vulnerability intake triage coordinated disclosure and PSIRT readiness

What Youll Bring

  • 4 years in software engineering application security or product security

  • Experience working directly with engineering teams in modern software development environments

  • Hands-on experience implementing and operationalizing security tooling: SAST SCA DAST secrets scanning or similar

  • Experience integrating security practices and tooling into CI/CD pipelines

  • Experience using AI tools to automate security practices and previously manual activities

  • Experience scoping or coordinating penetration testing engagements and working with the results; experience with IoT or embedded device assessments is a strong plus

  • Experience working with IoT products connected devices or embedded systems is preferred but not required

Your profile will be reviewed and youll hear from us once we have an update. At Sonos we take the time to hire right and appreciate your patience.


Required Experience:

Senior IC

At Sonos we want to create the ultimate listening experience for our customers and know that it starts by listening to each other. As part of the Sonos team youll collaborate with people of all styles skill sets and backgrounds to realize our vision while fostering a community where everyone feels i...

About Company

Company Logo

Sonos is the ultimate wireless home sound system: a whole-house WiFi network that fills your home with brilliant sound, room by room.

View Profile View Profile