Security Governance Officer

4 Months ago • 5 Years + • Cyber Security

Job Summary

Job Description

Seeking a Security Governance Officer with 5+ years of experience in security governance, managing security risk, implementing and testing controls, with expertise in ISO 27001 and SOC trust principles. You'll ensure the security of our products and organization meets stringent standards, and contribute to our growth through our 'collective intelligence' mindset.
Must have:
  • Security Governance
  • ISO 27001
  • SOC Trust
  • Security Risk
Good to have:
  • GRC Tools
  • SaaS/Cloud
  • Vulnerability Mgmt
  • Application Security
Perks:
  • Flexible Work
  • Growth Mindset

Job Details

Why should I Apply:

At Sonar, we’re a group of brilliant, motivated, and driven professionals working hard to help organizations build responsible, secure, high-quality code quickly and systematically. We build solutions that don’t just solve symptoms of problems – we fix problems at the source – source code, to be specific.

We have a dynamic culture with employees worldwide and hub offices in the USA, Switzerland, the UK, Singapore, and Germany. We believe team members should have the opportunity to come to work every day, work on a product they are proud of, love what they do, and feel energized by their peers. With our roots deep in the open source community, we’re all about the mission: provide solutions that deliver Clean Code.

The impact you can have

We have a primary goal to ensure the security of our products and the security of our organization meet stringent standards to demonstrate to our rapidly growing customer base how seriously we take security. We have an exciting business agenda ahead and want to continue building customer trust by strengthening our security profile, ensuring a zero-trust architecture, and expanding our suite of independent certifications. Sonar has been ISO 27001 certified since 2022, and we are now pursuing SOC2 Type 2.To achieve this goal, we are seeking a talented security governance professional to join the Security Governance team. You will have extensive experience implementing security governance frameworks and managing audit processes. You will raise the bar for our security processes, procedures, and controls across our organization, ensuring they are designed and implemented to levels that will bring value to the organization and satisfy an independent audit. As part of a team-based organization, your contributions will impact the growth of our business via Sonar’s “collective intelligence” mindset.

On a daily basis, you will

    • Formalize the security controls objectives, testing framework, and measurements.
    • Perform the controls testing and identify improvement activities to ensure compliance with internal security policies and external regulations.
    • Liaise with all departments to assess the compliance gaps, determine the remediation actions to close them, and track and report progress.
    • Contribute to the implementation of the trust service principles required for SOC compliance and auditing of the systems and processes to obtain SOC2 reports.
    • Contribute to the continuous improvement of the ISO 27001 Information Security Management System.
    • Perform security risk assessments, perform in-depth analysis, design mitigating security controls, and document the gaps and actions.
    • Design, generate, or source metrics, providing status reports on gaps, exceptions, and risks through key indices.
    • Deliver information security awareness campaigns, training, and educational activities.
    • Contribute to decision-making processes to be aligned with business security objectives and risk tolerance.
    • Contribute to aligning information security with business goals.
    • Basis the learnings from internal and external assessments, measuring information security against internal policies and procedures to raise the bar of the overall information security program.
    • Contribute to the Business Continuity, Disaster Recovery, Vulnerability Management and Application Security processes.

The skills you will demonstrate

    • You have at least 5 years of Security Governance, managing security risk, implementing and testing controls.
    • You have experience implementing and maintaining compliance with ISO 27001 standards and/or the SOC trust principles.
    • You have experience managing internal and external audits through careful preparation and post-audit activities.
    • You have experience working with GRC tools or Trust Center equivalents.
    • You have experience addressing Information Security issues in a broad range of IT disciplines, infrastructures, and technologies.
    • You have experience with SaaS/Cloud technologies and on-premise software delivery.
    • You have experience working on cross-team projects across a global organization.
    • You have experience reporting and presenting operational activity and project progress.
    • You are a friendly, enthusiastic, and organized team player. You actively share your knowledge and give and receive feedback to improve the team and yourself.  
    • You are fluent in English, both written and spoken.
Why you will love it here:

Our culture and mission set us apart. We have a dynamic work culture that values respect and kindness – and embraces the right to fail (and get right back up again!). We believe that the best idea wins and everyone has a voice.
We believe that great people make a great company. We value people skills as much as technical skills and strive to keep things friendly and laid-back while still being passionate leaders in our domains. Our 550+ SonarSourcers from 33 different nationalities can relate!
We embrace work-life balance. It is important to maintain a healthy work-life balance. This is why we have a flexible work policy that includes remote and in-office hybrid work (minimum three days a week in the office - Monday/Tuesday/Thursday).
We have a growth mindset. We love to learn and believe that continuous education is critical to our success. In an ever-changing industry, new skills are a must, and we're happy to help our team acquire them.


We prioritize Diversity, Equity, and Inclusion:

At Sonar, we are a global workforce and recognize the value of different backgrounds, and global cultures.

We are committed to creating a diverse work environment and are proud to be an equal-opportunity employer. All qualified applicants will be considered for employment without regard to race, colour, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.

All offers of employment at Sonar are contingent upon the clear results of a comprehensive background check conducted prior to the start date.

Similar Jobs

Zuru - Ecommerce Manager - EU Pureplayer

Zuru

London, England, United Kingdom (On-Site)
4 Months ago
Scientific Games  - Data Center Tech II

Scientific Games

Middletown, Pennsylvania, United States (On-Site)
5 Months ago
CloudHire - Data and Reporting Specialist - Fulfillment

CloudHire

Metro Manila, Philippines (Remote)
3 Months ago
Sunday - Marketing Artist (f/m/d)

Sunday

Hamburg, Hamburg, Germany (Hybrid)
3 Months ago
WildBrain - Product Development Coordinator

WildBrain

Warsaw, Masovian Voivodeship, Poland (Hybrid)
1 Month ago
Blue Yonder - AI/ML Penetration Tester Consultant

Blue Yonder

Hyderabad, Telangana, India (On-Site)
4 Months ago
PwC - Internship program - Risk Consulting

PwC

Bangkok, Bangkok, Thailand (On-Site)
4 Months ago
ION - Markets Product Security Engineer - UK

ION

London, England, United Kingdom (On-Site)
4 Months ago
Google - Cloud Technical Solutions Engineer, Security

Google

(On-Site)
3 Months ago
Saviynt - Account Executive

Saviynt

Kansas City, Kansas, United States (Remote)
4 Months ago

Get notifed when new similar jobs are uploaded

Similar Skill Jobs

Nordcurrent - Producer (PC&Consoles)

Nordcurrent

Vilnius, Vilnius County, Lithuania (On-Site)
1 Month ago
KBG Blockchain Game Studios - UI/UX Designer

KBG Blockchain Game Studios

Thành Phố Hồ Chí Minh, Vietnam (On-Site)
7 Months ago
Click Therapeutics - Senior IT Systems Administrator

Click Therapeutics

New York, New York, United States (On-Site)
2 Months ago
ByteDance - Software Engineer Intern (Network Engineering) - 2025 Summer (PhD)

ByteDance

San Jose, California, United States (On-Site)
3 Months ago
Nagarro - Senior Android Developer

Nagarro

Cebu City, Central Visayas, Philippines (On-Site)
4 Months ago
Passive Logic - Electronics Lab Manager

Passive Logic

Salt Lake City, Utah, United States (On-Site)
4 Months ago
Take-Two Interactive - Senior Manager, HR Technology

Take-Two Interactive

New York, New York, United States (Hybrid)
1 Month ago
Mattel  Inc  - Supervisor Production

Mattel Inc

West Java, Indonesia (On-Site)
2 Months ago
Blizzard Entertainment - 2025 US Summer Internship - Site Reliability Engineering

Blizzard Entertainment

Irvine, California, United States (On-Site)
3 Months ago
USE Insider - Account Manager

USE Insider

İstanbul, İstanbul, Türkiye (On-Site)
4 Months ago

Get notifed when new similar jobs are uploaded

Jobs in Bochum, North Rhine-Westphalia, Germany

Vercel - Sales Engineer, German Speaking

Vercel

Germany (Remote)
4 Months ago
Goodgame Studios - LiveOps Game Designer - Goodgame Empire

Goodgame Studios

Hamburg, Hamburg, Germany (Hybrid)
1 Month ago
Tesla - Warehouse Transport Associate - Manufacturing

Tesla

Prüm, Rhineland-Palatinate, Germany (On-Site)
1 Month ago
SLAY - Chief of Staff

SLAY

Berlin, Berlin, Germany (On-Site)
3 Months ago
Knuddels - Werkstudent*in Data Science und Backend-Entwicklung (m/w/d) - remote oder Karlsruhe

Knuddels

Karlsruhe, Baden-Württemberg, Germany (Remote)
7 Months ago
Tesla - Controls Engineer Paint (m/w/d) - Gigafactory Berlin - Brandenburg

Tesla

Brandenburg, Germany (On-Site)
1 Month ago
Tesla - Sr. SPS Programmierer (m/w/d)

Tesla

Prüm, Rhineland-Palatinate, Germany (On-Site)
1 Month ago
Tesla - Store Manager / Filialleiter (m/w/d) - Stuttgart, Weinstadt

Tesla

Weinstadt, Baden-Württemberg, Germany (On-Site)
1 Month ago
Stratosphere games - Copy of Associate Producer

Stratosphere games

Berlin, Berlin, Germany (Hybrid)
1 Month ago
Tesla - Technischer Trainer/Field Trainer, Powerwall (Solar/Energy products, m/w/d)

Tesla

Cologne, North Rhine-Westphalia, Germany (On-Site)
1 Month ago

Get notifed when new similar jobs are uploaded

Cyber Security Jobs

PwC - Risk & Quality - Information Security Analyst- Associate - KSA

PwC

Riyadh, Riyadh Province, Saudi Arabia (On-Site)
3 Months ago
Unity - Senior Security Operations Engineer

Unity

Montreal, Quebec, Canada (On-Site)
2 Months ago
ION - Markets Governance, Risk and Controls Manager

ION

India (On-Site)
4 Months ago
Ubisoft - Vulnerability Management Specialist

Ubisoft

Saint-Mandé, Île-de-France, France (Hybrid)
1 Month ago
Palo Alto Networks - Solution Consultant - Network Security (Presales)

Palo Alto Networks

Brussels, Brussels, Belgium (Remote)
3 Months ago
HackerOne - Technical Engagement Manager

HackerOne

India (Remote)
3 Months ago
PwC - SRC_NIST Control Assessment_Senior Associate

PwC

Bengaluru, Karnataka, India (On-Site)
2 Months ago
PwC - ETIC, Winter Internship Program - Cybersecurity

PwC

Cairo, Cairo Governorate, Egypt (On-Site)
3 Months ago
Niantic - Security Engineer, Production

Niantic

Zürich, Zurich, Switzerland (Hybrid)
3 Months ago

Get notifed when new similar jobs are uploaded

About The Company

Austin, Texas, United States (Hybrid)

Bochum, North Rhine-Westphalia, Germany (On-Site)

Geneva, Geneva, Switzerland (On-Site)

London, England, United Kingdom (On-Site)

Melbourne, Victoria, Australia (On-Site)

Bochum, North Rhine-Westphalia, Germany (On-Site)

London, England, United Kingdom (On-Site)

London, England, United Kingdom (On-Site)

Austin, Texas, United States (Hybrid)

View All Jobs

Get notified when new jobs are added by Sonar Source

Level Up Your Career in Game Development!

Transform Your Passion into Profession with Our Comprehensive Courses for Aspiring Game Developers.

Job Common Plug