Major Incident Manager
Geneva, NY - USA
Job Summary
Who is Sonar
Sonar is driving the future of agent-centric software development. As the leader in AI code verification and governance we solve a critical problem: ensuring that software generated by AI-assisted developers or autonomous agents is reliable secure and maintainable.
Integrating seamlessly with Claude Code Codex Cursor GitHub Copilot Gemini and Devin we help over 75% of the Fortune 100 build trusted reliable compliant software. Customers who use Sonar are 44% less likely to report an outage due to AI-generated code.
We believe code verification is the critical missing link in the Agent-Centric Development Cycle (AC/DC). Industry giants like Nvidia ServiceNow Goldman Sachs AstraZeneca and Ford Motor Company count on us to provide independent explainable consistent review and governance of their AI-generated code via products like:
- SonarQube: The worlds leading AI code review and verification platform.
- SonarQube Foundation Agent: Currently topping the leaderboards for agentic software repair.
- SonarSweep & Sonar Context Augmentation: Providing the enterprise-grade context and constraints agents need to be truly effective.
Our team operates across global hubs in Austin Bochum Dubai Geneva London Singapore Tokyo and Washington D.C. We move with a mindset we call CODE:
- Committed to our customers and community.
- Obsessed with quality.
- Deliberate in our decisions.
- Effective as one team.
With over $400M in revenue and profitable fast-paced growth we are building the backbone of the AI software revolution. If youre hungry to have an impact want to build at a fast pace and ready to work at the forefront of AI we want to hear from you.
Position description
What you will do
- System Health Monitoring Alert Triaging and Error Budget Management: Dedicate time to monitoring critical security infrastructure (e.g. identity platforms firewalls compliance systems) and core infrastructure components. Focus on using and maintaining dashboards tied to Service Level Objectives (SLOs) triaging high-severity alerts and analyzing the current Error Budget burn rate to guide prioritization for the rest of the day.
- Infrastructure as Code (IaC) and Policy as Code Development: Spend the largest portion of time writing reviewing and testing code (e.g. Python Go Terraform or proprietary tools) to automate the deployment configuration and security hardening of infrastructure. This involves treating infrastructure and security policies as software to ensure consistency and prevent configuration drift.
- Toil Elimination and Automation of Operational Tasks: Identify scope and implement automated solutions for manual repetitive and time-consuming tasks (toil) related to security patching compliance checks certificate rotations or infrastructure maintenance. The goal is to continuously reduce the operational workload for the team.
- Security Pipeline and Observability Maintenance: Maintain and enhance the DevSecOps security tools integrated into the CI/CD pipelines (e.g. static analysis vulnerability scanning security configuration checks). Ensure the end-to-end logging metrics and tracing (observability) systems for both infrastructure and security tools are robust accurate and provide immediate diagnostic capability during incidents.
- Incident Response Engineering and Post-Mortem Action: Participate in the on-call rotation and actively engage in engineering solutions derived from post-mortems. This means turning incident root causes into preventative measures implemented via code improving runbooks into automated actions and reducing Mean Time To Resolution (MTTR) for future incidents.
Experience and qualifications
- Deep IaC Expertise: Professional experience provisioning and managing complex infrastructure using tools like Terraform or CloudFormation (AWS) or similar tools like Ansible or Puppet for configuration management.
- Cloud/Platform Experience: Hands-on experience with a major cloud provider (AWS GCP Azure) or managing large-scale internal/private cloud infrastructure.
- SLO/SLI Implementation: Practical experience defining measuring and reporting on Service Level Indicators (SLIs) and Service Level Objectives (SLOs) for critical services.
- Logging/Metrics/Tracing Stacks: Proven experience with modern observability platforms (e.g. Prometheus/Grafana ELK/EFK stack proprietary systems or vendor solutions like Datadog/Splunk) for proactive issue identification.
- Networking: Strong understanding of core networking concepts (TCP/IP DNS Load Balancing Firewalls Proxies) sufficient to debug complex service connectivity and latency issues.
- Automation of Security Controls: Experience implementing security best practices via code such as automated vulnerability scanning configuration hardening secret management (e.g. HashiCorp Vault) and key rotation.
- Identity and Access Management (IAM): Practical experience managing large-scale IAM systems (e.g. implementing least-privilege policies single sign-on).
- Incident Management: Experience running or significantly contributing to post-incident reviews (post-mortems) and prioritizing resulting engineering work (error budget management).
In-office culture
Were intentional about this. We believe the best teams are built in the room together. Three anchor days Mondays Tuesdays and Thursdays create the collaboration rhythm that makes a hub office worth having.
Candidates need to be genuinely based in the location the role is posted if thats not where you are today were happy to support relocation for the right person.
We value diversity equity and inclusion
At Sonar we believe that our diversity is our strength. We are a global company that values and respects different backgrounds perspectives and cultures. We are committed to fostering a diverse and inclusive work environment where everyone feels valued and empowered to contribute their best. We are proud to be an equal opportunity employer and welcome all qualified applicants regardless of race color religion gender gender identity or expression sexual orientation national origin genetics disability age or veteran status.
If you need any accommodation please reach out to us at emailprotected.
All offers of employment at Sonar are contingent upon the results of a comprehensive background check and reference verification conducted before the start date.
Applications that are submitted through agencies or third party recruiters will not be considered.
Required Experience:
Manager
About Company
Bad code is risky business. AI-generated or written by humans, Sonar ensures top-tier code quality & security. Protect your organization from bugs and vulnerabilities that jeopardize customer trust, damage your reputation, and undermine developer experience.