About Sonatype
What is Sonatype?
Sonatype is the software supply chain security company. As the founders of Nexus Repository and the stewards of Maven Central — the world's largest repository of Java open-source software — Sonatype builds the tools enterprises use to create and maintain secure, high-quality software at scale. Its platform combines proactive protection against malicious open source, enterprise-grade SBOM management, and the leading open-source dependency management tooling. More than 2,000 organizations, including 70% of the Fortune 100 and 15 million software developers, rely on Sonatype to optimize their software supply chains. Founded in 2008 by lead contributors to the Apache Maven project and backed by Vista Equity Partners, Sonatype's open-source expertise is unmatched.
Where will I work?
Sonatype operates as a remote-first organization with flexible scheduling options. Its team lives and works across the globe, with open roles regularly posted as fully remote across the United States, Canada, and Colombia. Sonatype also maintains physical hubs — headquarters in Fulton, Maryland, plus offices in London, Singapore, and Hyderabad — but distributed, flexible work is the norm rather than the exception. Many engineering, marketing, and people-team roles are advertised with no required office location beyond a time-zone preference.
What is the Sonatype team like?
Sonatype describes a people-first culture built on four values: "Trust through transparency & accountability," "Embrace Inclusion," "Be bold," and "Pursue growth." New hires begin community-building and cross-team activities on day one. The company runs two long-standing employee resource groups — Women at Sonatype (founded 2018) and CBID, its Community, Belonging, Inclusion & Diversity group (established 2021). Sonatype frames every role around a clear purpose: securing the global software supply chain so that the software the world relies on is safer by design.
Work-Life Balance
Sonatype pairs remote-first flexibility with deliberate rest. Each year the company shuts down operations entirely for a dedicated Wellness Week (and additional company-wide wellness days) so that every employee can step away, recharge, and pursue personal growth at the same time — no coordinating coverage, no inbox guilt. "Flexible working practices" are explicitly called out as a core perk, alongside Paid Volunteer Time Off so employees can give back to their communities on the clock.
Perks and Benefits
Sonatype offers a competitive benefits package, full parental/maternity leave covering both birth and adoption, and Paid Volunteer Time Off. Professional growth is well supported, with ongoing funding for learning-and-development certifications, access to skill-building tools across functions, and dedicated leadership coaching and training. Flexible work arrangements and schedules underpin the whole experience, reflecting Sonatype's remote-first commitment.