1

Sonatype Jobs (NOW HIRING)

Sonatype is the software supply chain security company. We provide the world's best end-to-end software supply chain security solution, combining the only proactive protection against malicious open ...

Sonatype is the software supply chain security company. We provide the world's best end-to-end software supply chain security solution, combining the only proactive protection against malicious open ...

OR · On-site

Sonatype is the software supply chain security company. We provide the world's best end-to-end software supply chain security solution, combining the only proactive protection against malicious open ...

Sonatype is the software supply chain security company. We provide the world's best end-to-end software supply chain security solution, combining the only proactive protection against malicious open ...

OR · On-site

$52.75 - $72.25/hr

Sonatype is the software supply chain security company. We provide the world's best end-to-end software supply chain security solution, combining the only proactive protection against malicious open ...

Sonatype is the software supply chain security company. We provide the world's best end-to-end software supply chain security solution, combining the only proactive protection against malicious open ...

Sonatype is the software supply chain security company. We provide the world's best end-to-end software supply chain security solution, combining the only proactive protection against malicious open ...

OR · On-site

Sonatype is the software supply chain security company. We provide the world's best end-to-end software supply chain security solution, combining the only proactive protection against malicious open ...

OR · On-site

Sonatype is accelerating the future of agentic software development. As developers and AI agents build faster than ever, enterprises need a new level of control, visibility, and confidence at the ...

Sonatype is the software supply chain security company. We provide the world's best end-to-end software supply chain security solution, combining the only proactive protection against malicious open ...

Sonatype is the software supply chain security company. We provide the world's best end-to-end software supply chain security solution, combining the only proactive protection against malicious open ...

OR · On-site

Sonatype is the software supply chain security company. We provide the world's best end-to-end software supply chain security solution, combining the only proactive protection against malicious open ...

OR · On-site

Sonatype is the software supply chain security company. We provide the world's best end-to-end software supply chain security solution, combining the only proactive protection against malicious open ...

Responsibilities : • Integrate security practices/solutions into SDLC • Build and perform software composition analysis in CI/CD pipeline • Build Cadence artifactory using JFrog or SonaType • ...

Senior Application Security Engineer

Alpharetta, GA · Hybrid

$110K - $151K/yr

Experience with JFrog or Sonatype artifact repository platforms. * Strong background in cloud-native security and automation. * Primary qualification: Python, AWS + Kubernetes + SQL + Security ...

Senior Application Security Engineer

Alpharetta, GA · On-site

$56.75 - $75.75/hr

Experience with JFrog or Sonatype artifact repository platforms. * Strong background in cloud-native security and automation. * Primary qualification: Python, AWS + Kubernetes + SQL + Security ...

next page

Showing results 1-20

Sonatype information

See salary details

$10

$64

$92

How much do sonatype jobs pay per hour?

As of Jul 15, 2026, the average hourly pay for sonatype in the United States is $64.53, according to ZipRecruiter salary data. Most workers in this role earn between $56.25 and $76.68 per hour, depending on experience, location, and employer.

Is Sonatype the same as SonarQube?

Sonatype is a company that provides software supply chain management and security tools, including Nexus Repository. SonarQube is an open-source platform for continuous inspection of code quality and security. They are separate products serving different purposes in software development.

What is the difference between Sonatype vs Software Developer?

AspectSonatypeSoftware Developer
Primary RoleOpen source governance, software supply chain management, and securityDesigning, coding, testing, and maintaining software applications
Required SkillsKnowledge of DevOps, security, software composition analysis, and repository managementProgramming languages, software design, debugging, and development tools
Work EnvironmentTech companies, security-focused teams, DevOps environmentsSoftware development teams across various industries
CertificationsTypically none required, but security or DevOps certifications are beneficialProgramming certifications or relevant technical degrees

Sonatype focuses on software supply chain security and open source management, while a Software Developer primarily creates and maintains software applications. Both roles require technical knowledge, but Sonatype emphasizes security and repository management, whereas Software Developers focus on coding and application design.

What are some common challenges faced by a Software Engineer at Sonatype, and how can I prepare for them?

As a Software Engineer at Sonatype, you may encounter challenges such as working with complex open-source dependency management systems and ensuring the security and scalability of software solutions. Collaboration with cross-functional teams, including product managers and security analysts, is often required to deliver high-quality products. To prepare, familiarize yourself with modern DevOps practices, containerization, and secure software development lifecycles, as well as strong communication skills for remote or distributed team environments.

What does the company Sonatype do?

Sonatype is a software company that provides tools for managing open source security, governance, and software supply chain automation. It offers solutions like Nexus Repository and Nexus Lifecycle to help organizations secure and manage their software components effectively.

Is Sonatype a good company to work for?

Sonatype is known for its collaborative work environment and focus on open-source security and software supply chain management. Employees often cite opportunities for professional growth and the use of modern tools like Nexus Repository. As with any company, experiences can vary based on role and team dynamics.

What are the key skills and qualifications needed to thrive as a Software Engineer at Sonatype, and why are they important?

To thrive as a Software Engineer at Sonatype, you need strong programming skills in languages like Java, experience with software development lifecycles, and a bachelor's degree in computer science or related field. Familiarity with DevOps tools, containerization (Docker, Kubernetes), and software supply chain security platforms such as Nexus Repository is highly valued. Excellent problem-solving, collaboration, and communication skills help you work effectively in distributed teams and address complex software challenges. These skills are essential for building secure, high-quality software products and contributing to innovative solutions in a rapidly evolving technological landscape.

Who is the CEO of Sonatype?

As of October 2023, Sonatype's CEO is Wayne Jackson. He has been leading the company, which specializes in software supply chain automation and security, since 2020.
More about Sonatype jobs
What states have the most Sonatype jobs? States with the most job openings for Sonatype jobs include:
Enterprise Account Executive, Public Sector

Enterprise Account Executive, Public Sector

Sonatype

Washington, DC • Remote

Full-time

Posted 8 days ago


Job description

Sonatype is the software supply chain security company. We provide the world’s best end-to-end software supply chain security solution, combining the only proactive protection against malicious open source, the only enterprise grade SBOM management and the leading open source dependency management platform. This empowers enterprises to create and maintain secure, quality, and innovative software at scale.

As founders of Nexus Repository and stewards of Maven Central, the world’s largest repository of Java open-source software, we are software pioneers and our open source expertise is unmatched. We empower innovation with an unparalleled commitment to build faster, safer software and harness AI and data intelligence to mitigate risk, maximize efficiencies, and drive powerful software development.

More than 2,000 organizations, including 70% of the Fortune 100 and 15 million software developers, rely on Sonatype to optimize their software supply chains.

As an Enterprise Account Executive for the Federal Public Sector team, your primary mandate is pure net-new logo acquisition and market expansion. Based in Virginia, you will operate as an elite "hunter," breaking into untouched US Federal agencies, commands, and programs.

This role requires an individual with a relentless business development mindset who can navigate the complexities of federal procurement, leverage compliance mandates (like Executive Order 14028), and independently build a thriving pipeline from the ground up.

Role Outcomes:
  • Net-New Logo Acquisition: Consistently secure net-new agency logos and programmatic footprints across the Federal landscape to expand Sonatype's market share.

  • New ARR Generation: Achieve and exceed aggressive quarterly and annual Net-New ARR quotas driven predominantly by first-time buyer contracts.

  • Pipeline Velocity: Build and maintain a self-sourced, 4x qualified pipeline through relentless cold outreach, agency mapping, and strategic prospecting.

  • Market Penetration: Successfully position Sonatype's DevSecOps and SBOM cutting-edge compliance solutions as the new mandatory standard within previously unpenetrated government accounts.

Responsibilities:
  • Pure-Play Hunting & Business Development: Identify, target, and penetrate net-new Federal agencies and sub-agencies through outbound prospecting and cold calling.

  • Account Mapping & Profiling: Dissect complex federal organizational charts to identify key economic buyers, technical influencers, and CISOs who have not yet adopted Sonatype.

  • High-Impact Value Proposition: Deliver compelling, tailored presentations that clearly articulate Sonatype’s mission-critical value to uninitiated government stakeholders.

  • Partner Alignment for Access: Utilize the Federal channel ecosystem (distributors like Carahsoft, local VARs, and GSIs) specifically to gain access to net-new accounts and contract vehicles.

  • Rigorous Sales Qualification: Drive a tight, disciplined sales cycle from initial cold hook to contract close, ensuring accurate and predictable forecasting in Salesforce.

Who you are:
  • Proven Hunting Track Record: 5+ years of quota-carrying enterprise software sales experience in the US Federal sector, with a documented history of heavy net-new logo acquisition and sales club achievements.

  • Relentless Pipeline Builder: Exceptional prospecting skills; a professional who thrives on outbound execution and does not rely on inbound leads or existing account management.

  • Federal Procurement Expertise: Deep mastery of federal buying cycles, budget seasons, and unlocking net-new funding via SEWP, GSA, and other major contract vehicles.

  • Domain Fluency: Strong background selling application security (AppSec), DevSecOps, cybersecurity, or open-source software management tools into the Federal space.

Things that we are proud of

  • 2025 AI Compliance Solution of the Year - AI Breakthrough Awards

  • 2025 DEVIES Award to our SBOM Manager new product for its innovation and impact in developer technology

  • 2024 Industry Leader in Forrester-Wave for Software Composition Analysis (2024 Q4 report)

  • 2023 Fast Company Best Places for Innovators

  • 2023 Gartner's Magic Quadrant

  • 2023 Software Report's Top 100 Software Companies

  • 2023 BuiltIn Best Places to Work

  • 2022 Frost & Sullivan Technology Innovation Leader Award

  • 2022 PeerSpot Silver Peer Award in Software Composition Analysis

  • 2022 Tech Ascension Best DevOps Security Solution Award

  • 2022 NVCT Cyber Company of the Year

Company Wellness Week - We shut down company operations for a week to enable all employees to pursue personal growth and enjoy a much-needed and deserved rest.

Paid Volunteer Time Off (VTO)

At Sonatype, we value diversity and inclusivity. We offer perks such as parental leave, diversity and inclusion working groups, and flexible working practices to allow our employees to show up as their whole selves. We are an equal-opportunity employer, and we do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. If you have a disability or special need that requires accommodation, please do not hesitate to let us know.

We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses and identifying potential inconsistencies or verification signals in application materials based on available information. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.