Staff Software Engineer - Managed Scanning at Semgrep

San Francisco, California, United States

Compensation: Not Specified
Experience Level: Junior (1 to 2 years)
Job Type: Full Time
Visa: Unknown
Industries: Software, Application Security

Requirements

Candidates should have 6+ years of experience writing production software and building web applications using languages such as Python and Go. Experience developing task-based workloads on Kubernetes or similar frameworks is required, along with excellent and proactive communication skills. Familiarity with Postgres, Kubernetes, and Elasticsearch is also beneficial.

Responsibilities

The Staff Software Engineer will build and maintain scanning infrastructure, including task processing systems and web service backends. Responsibilities include architecting and implementing Elasticsearch for search and analytics, ensuring high-availability operation of services using site-reliability practices, and mentoring junior developers. The role involves collaborating with product managers and engineers to create security tools, advising on technical and product direction, and planning and executing major initiatives from design to deployment.

Skills

Backend Engineering
Elasticsearch
Task Processing Systems
Web Service Backends
Software Security
Data Storage
Data Retrieval
System Architecture

Semgrep

Vulnerability detection tool for software development

About Semgrep

Semgrep offers a tool that helps security engineers and developers identify and fix vulnerabilities in their code before deployment. It integrates into existing workflows, providing actionable insights while significantly reducing false positives in open-source vulnerabilities by up to 98% through reachability analysis. The tool is designed for speed, with average scan times of less than 5 minutes, allowing teams to quickly address security issues. Semgrep aims to enhance the security of the software development life cycle, improving productivity and reducing technical debt.

Headquarters: San Francisco, California
Year Founded: 2017
Total Funding: $90.5M
Company Stage: Series C
Industries: Enterprise Software, Cybersecurity
Employees: 51-200

Benefits

Health Insurance
Paid Vacation
401(k) Retirement Plan
Professional Development Budget
Flexible Work Hours
Remote Work Options

Risks

Increased competition from Snyk and GitGuardian in the code analysis market.
Rapid evolution of programming languages may outpace Semgrep's tool updates.
Customer concerns about data privacy in cloud-based solutions could affect adoption.

Differentiation

Semgrep reduces false positives in vulnerabilities by up to 98% with reachability analysis.
The tool integrates seamlessly into existing workflows and ticketing systems for developers.
Average scan time is under 5 minutes, enhancing productivity and efficiency.

Upsides

Increased demand for supply chain security tools boosts Semgrep's market potential.
Rise of DevSecOps practices aligns with Semgrep's focus on SDLC security integration.
Growing popularity of IaC tools presents expansion opportunities for Semgrep.
