Staff Software Engineer - Agentic First
Sonatype
Software Engineering
United States · Remote
About the Role
- Own the architecture of agentic-first features in a product used by 15 million developers and 70% of the Fortune 100.
- Practice a fundamentally new way of building software — long-running, multi-agent development — alongside Staff and Principal engineers who are defining the craft.
- Work on the hardest problems at the intersection of AI, distributed systems, and software supply chain security — a space where the industry playbook is still being written.
- Shape the technical roadmap for Nexus, set the engineering hiring bar, and mentor Senior engineers who will carry the craft forward.
What You Will Do
- Architect & Lead With Agents: Drive the technical design of major agentic-first subsystems — service architecture, data models, and agent/tool integrations — by running long-running, multi-agent workflows across decomposition, orchestration, implementation, testing, and review.
- Own a Product Area: Take major initiatives from ambiguous problem statements through technical design, multi-team execution, rollout, and long-term operability.
- Verification Over Generation, at Scale: Spend your time on direction, review, and taste rather than line-by-line coding. Define the evals, harnesses, guardrails, and review rituals that let your team confidently ship code no human typed.
- Define the Practice: Set the bar for how Sonatype engineers work with agents. Shape internal playbooks, tooling, and rituals; train Senior engineers in the craft; and raise the ceiling on what's possible.
- Architecture, Security & Reliability: Own non-functional requirements for your area — performance, reliability, and security — with particular attention to software supply chain threats (malicious packages, dependency confusion, provenance, SBOM accuracy).
- Cross-functional Leadership: Partner with Product, Security Research, UX, and Support leaders to translate ambiguous customer needs into concrete, shippable technical plans; conduct deep design reviews; and raise the quality bar through thoughtful mentorship.
Who You Are
- Long-running Agentic Developer: Multi-step, long-running agent workflows are your default way of building software — well beyond Copilot-style autocomplete. You routinely orchestrate fleets of agents in parallel across planning, coding, testing, and review, and your own time is spent on direction, verification, and taste rather than generation.
- Multi-agent Orchestration at Depth: Hands-on experience designing, running, and scaling multi-agent systems (e.g., Claude Code, Codex, Cursor background agents, custom orchestrators, LangGraph-style graphs) — including MCP tooling, shared context and memory, agent handoffs, and robust eval harnesses. You've shipped production work this way and have strong opinions on what holds up at scale.
- Verification-first Mindset: You've internalized that the new leverage point is human judgment over machine generation. You define the evals, test harnesses, observability, and review workflows that let a team confidently ship code no one personally typed.
- Shapes Leading-edge Practice: You don't just adopt agentic workflows — you define them. You've led internal rollouts, published, open-sourced, or otherwise pushed the state of the art on how engineers work alongside agents, and have a clear point of view on where the craft is heading.
- Product Engineering Mindset: Half product, half engineering. You make product decisions independently and drive scope, trade-offs, and sequencing without constant PM hand-holding.
- Focused on What Matters: You want to build mission-critical products that drive revenue and transform how customers build software.
- Staff-level Engineering Skills: 7+ years of professional software development, with a track record of leading multi-quarter technical initiatives that span multiple teams or services.
- Deep Technical Foundation: Strong experience with Java, Cloud (AWS / Azure / GCP), and large-scale distributed systems — including performance tuning, data-intensive services, and production operability at scale.
- DevSecOps & Supply Chain Depth: Working knowledge of software supply chain security — SBOM formats (CycloneDX, SPDX), SCA, SLSA provenance, Sigstore/cosign signing, vulnerability analysis (OSV, NVD), and common attack patterns against package ecosystems.
- Deeply Curious: You push agentic tools to their limits — probing where they work, where they break, and how to make them better. You're energized by being early in a fundamentally new way of building software.
What We Are Proud Of
- 2025 Visionary in Gartner® Magic Quadrant™ for Application Security Testing!
- 2025 AI Compliance Solution of the Year - AI Breakthrough Awards
- 2025 DEVIES Award for our SBOM Manager, a new product recognized for its innovation and impact in developer technology
- 2024 Industry Leader in Forrester Wave for Software Composition Analysis (2024 Q4 report)
- Constellation AST Shortlist: Sonatype has been listed on the Constellation ShortList™ for Application Security Testing for 2024
- Data Breakthrough Awards: Sonatype was named a 2024 winner for "Open Source Data Solution of the Year"
- SD Times: Best in Show Security
- Fast Company Best Workplaces for Innovators 2024
- The Herd Top 100 Private Software Companies 2024
- Diversity & Inclusion Working Groups
- Parental Leave Policy
- Paid Volunteer Time Off (VTO)