Senior Systems Engineer

Summary

Join Semgrep's Analysis Foundations team and own the code analysis underlying our products, ensuring seamless user experience. You will improve Semgrep's scanning capabilities across various environments and programming languages, while frequently releasing improvements. You'll advocate for architectural decisions, contribute to the technical roadmap, and mentor other engineers. The ideal candidate possesses 3+ years of experience owning a critical service with a large user base, experience with multiple operating systems, and proficiency in functional programming. Semgrep offers a competitive salary, equity, benefits, and a supportive work environment.

Requirements

• Interest in code analysis. If you’ve ever spent time studying how your interpreter, compiler, linter, or garbage collector works, come work with us!
• 3+ years experience owning the success of a critical service with a large and exponentially growing number of users, particularly its performance and reliability, with the help of frameworks like Opentelemetry
• Experience building for multiple operating systems, such as Linux, Apple Silicon, and Windows, including in CI environments
• Experience working in a functional programming language (OCaml, Haskell) or the excitement to learn
• Passion for shipping quickly and safely, caring deeply about solving real problems for our users and allowing them to depend on us
• Excellent and proactive communication, both verbal and written
• 6+ years of experience writing production software and building web applications. Our stack includes Python, TypeScript, Javascript, React, and Postgres on AWS with Kubernetes
• Excitement about building for internal and external customers, learning their needs, iterating fast, and seeing your solutions solve their core problems
• Comprehensive full stack experience up and down the stack
• Excellent and proactive communication, both verbal and written

Responsibilities

• Ensure that our changes are released frequently and reliably through a number of distribution methods, including pip, homebrew, and docker
• Build tooling that allows us to support our users more effectively when they encounter problems
• Make fundamental improvements to Semgrep’s analysis capabilities that affect all users, including to its performance, availability, and precision
• Advocate for architectural decisions that make our code easy to reason about and allow us to scale with an exponentially growing number of users
• Help set the technical roadmap for our foundational analysis, listening to our users as well as program analysis engineers and security researchers across the company
• Advise and mentor other engineers via thoughtful code reviews, planning discussions, technical documentation, and formal mentorship
• Work on major initiatives end-to-end, from investigation through design, implementation, and deployment
• Help set technical and product direction, collaborating with the team to determine the future of the internal platform, what features to build, and how to build them
• Architect and build elegant, maintainable, extensible software systems
• Learn from internal and external users to understand their needs, build solutions that solve their biggest pain points
• Advocate for and develop intuitive, simple, robust APIs that solve a wide variety of complex problems using simple, elegant abstractions
• Ensure continual, high-availability operation of services using modern site-reliability practices, including participation in an on-call rotation
• Advise and mentor other engineers via thoughtful code reviews, planning discussions, technical documentation, and formal mentorship
• Work with urgency, understanding that your impact generates immediate value for customers
• Collaborate with engineers, product managers, designers, and security researchers to build the best product possible

Preferred Qualifications

• Improve our observability tooling to reduce the time taken to identify the root cause of bugs found when analyzing customers’ code
• In partnership with our Managed Scanning team, propose and lead the implementation of a release process that reduces release cycles from weekly to daily or continuously for most users
• Deliver support for running Semgrep natively on Windows
• Optimize how Semgrep infers the relationships between functions to speed up dataflow analysis
• Build a robust performance testing platform that allows every change to be confidently verified for performance regressions
• Design a new rule syntax based on requests from the product teams to simplify rule writing in the presence of common frameworks
• Implementing Role-Based Access Control
• Developing unified APIs that provide functionality like posting comments and fetching file contents across a several source control systems
• Scaling the systems that power Semgrep scans while improving their performance and fault-tolerance characteristics
• Rethinking the Semgrep rule registry web app

Benefits

• Salary Range : $166,000-196,000 USD
• Equity
• Benefits
• Comprehensive health plans
• Generous vacation time
• 401k
• Learning stipends