Engineering Manager, Software Composition Analysis at Semgrep

San Francisco, California, United States

Apply Now

Not SpecifiedCompensation

Senior (5 to 8 years), Expert & Leadership (9+ years)Experience Level

Full TimeJob Type

UnknownVisa

Cybersecurity, TechnologyIndustries

Requirements

One or more years of experience leading software engineering teams
A strong foundation in product development and bringing products to production - including understanding best practices for design, iterative milestone creation, and utilizing customer feedback
Familiarity with agile development principles and iterative milestone development
A strong desire to help engineers grow through coaching and mentorship
Opinions on Software Composition Analysis, have built a security product before, or have worked at a dev tooling company

Responsibilities

Work closely with product and design partners to create a roadmap for the success of your team that balances iterative changes with big bets
Prioritize and direct your team’s schedule, balancing the needs of developing new technology and internal technical quality
Retain and strengthen engineers with coaching and mentorship, regular feedback, performance reviews, and performance management when necessary
Build an environment of trust that rewards creativity, risk taking, and personal responsibility
Continually grow your team through the hiring of diverse, productive, high-level technical talent

Skills

Key technologies and capabilities for this role

Engineering ManagementSoftware Composition AnalysisSupply Chain SecurityDependency ScanningVulnerability RemediationSASTCode AnalysisData ArchitectureTeam LeadershipMentoring Engineers

Questions & Answers

Common questions about this position

What experience is required to be ideal for this Engineering Manager role?

You need one or more years of experience leading software engineering teams, a strong foundation in product development including best practices for design and utilizing customer feedback, and familiarity with agile development principles.

What does the role involve in terms of team leadership?

You'll work closely with product and design partners to create roadmaps, prioritize your team's schedule, retain engineers through coaching and mentorship, build a trusting environment, and grow the team by hiring diverse talent.

What is the company culture like at Semgrep?

Semgrep has a culture of transparency where you'll see and influence key decisions, and the role emphasizes building an environment of trust that rewards creativity, risk taking, and personal responsibility.

Is this position remote or does it require office work?

This information is not specified in the job description.

What is the salary or compensation for this role?

This information is not specified in the job description.

Semgrep

Vulnerability detection tool for software development

About Semgrep

Semgrep offers a tool that helps security engineers and developers identify and fix vulnerabilities in their code before deployment. It integrates into existing workflows, providing actionable insights while significantly reducing false positives in open-source vulnerabilities by up to 98% through reachability analysis. The tool is designed for speed, with average scan times of less than 5 minutes, allowing teams to quickly address security issues. Semgrep aims to enhance the security of the software development life cycle, improving productivity and reducing technical debt.

San Francisco, CaliforniaHeadquarters

2017Year Founded

$90.5MTotal Funding

SERIES_CCompany Stage

Enterprise Software, CybersecurityIndustries

51-200Employees

Benefits

Health Insurance

Paid Vacation

401(k) Retirement Plan

Professional Development Budget

Flexible Work Hours

Remote Work Options

Risks

Increased competition from Snyk and GitGuardian in the code analysis market.

Rapid evolution of programming languages may outpace Semgrep's tool updates.

Customer concerns about data privacy in cloud-based solutions could affect adoption.

Differentiation

Semgrep reduces false positives in vulnerabilities by up to 98% with reachability analysis.

The tool integrates seamlessly into existing workflows and ticketing systems for developers.

Average scan time is under 5 minutes, enhancing productivity and efficiency.

Upsides

Increased demand for supply chain security tools boosts Semgrep's market potential.

Rise of DevSecOps practices aligns with Semgrep's focus on SDLC security integration.

Growing popularity of IaC tools presents expansion opportunities for Semgrep.

Land your dream remote job 3x faster with AI

Try Jobo Free