hero

Join the Family

Felicis portfolio companies are growing their teams in the U.S. and beyond.
190
companies
2,392
Jobs

Senior Security Engineer

Semgrep

Semgrep

Software Engineering
San Francisco, CA, USA
Posted on Saturday, June 1, 2024

About Semgrep

Our mission is to make world-class software security available to everyone. This means building program analysis tools that are open source, easy to use, powerful, and fast. It also means building a team with security expertise and a passion for great developer experiences. Most of all, it means working with honesty and respect in a diverse community of dreamers and builders. We’ve redefined static analysis tooling by committing to all of these, and turned our project, Semgrep, into an essential safeguard for code at Snowflake, Dropbox, and more.

About the Team

The Internal Security & Tech Ops team is focused on securing our company and, by extension, our customers and their data. We also provide core technology services to Semgrep's employees. We are responsible for securing Semgrep, representing its security posture to our customers, and providing the services and platforms that our employees rely on.

Our mission is to move Semgrep's security from good to excellent. We strive to be a group that is approachable and customer-orientated. We value constant improvement, leveraging automation and the latest tools and technologies.

Internal Security helps lead our cross-company Security Guild; provides security expertise as part of Semgrep's greater security mission; and partners closely with the Engineering, People Ops and Go-to-Market teams.

About the role

As a Senior Security Engineer, you will help lead our internal security efforts. You will take our security program from good to excellent across various domains, including Corporate Security, Cloud Security, Compliance, and Detection and Response. You will contribute to our broader technical operations and compliance programs. The role is an excellent opportunity to apply hard-won security lessons in a rapidly growing company that places a premium on engineering-led solutions.

To succeed in this role, you must be self-driven and motivated by designing and deploying 'right-sized' security solutions. In addition, you must balance the competing demands of running a modern, employee-friendly security program in a quickly changing environment. We consider 'done' to be better than perfect'!

You will:

  • Lead efforts to improve Semgrep’s security posture across various security domains
  • Help set our internal security priorities, strategy, and roadmap
  • Create, deploy and operate security tooling (inc custom solutions, as well as third-party tools)
  • Create and deploy our security monitoring, detection and alerting capabilities
  • Support our TechOps and Compliance teams in their missions

You are ideal for this role if you:

  • Have 5+ years of experience in security engineering or operations roles
  • Have excellent technical project management and interpersonal skills
  • Have deep expertise across a variety of security domains; with an emphasis on Corporate Security, Cloud Security, Compliance, and Detection and Response
  • Enjoy leading technical projects as well as contributing to cross-functional teams
  • Have experience partnering with core internal teams (e.g., Tech Ops, Engineering People Ops, Go-to-Market, etc.)
  • Experienced with securing the core tools and services used in modern start-ups, inc macOS endpoints, Google Workplace, Okta, and securing cloud services such as AWS or GCP.

Location expectations:

  • Our preference is that this role will be based in our San Francisco office 2 to 3 days per week.

Compensation

Salary Range: $ 205,000- $229,000

Our compensation package includes equity and benefits in addition to salary.

Please note that the range listed is for someone based in the San Francisco Bay Area.

What we offer

Our goal is to competitively and fairly compensate every Semgrep employee with a system that equally rewards those who are vocal and those who are less comfortable making demands during the final steps of the hiring process. To that end, we generate internal compensation bands that are used when discussing and negotiating salaries. We update these based on market data to make sure they’re above the average for comparable roles.

We also invest in our employees’ well-being and long term success with comprehensive health plans, generous vacation time, 401k, learning stipends, and more. Our benefits are for everyone, so that you’re taken care of, and we work with individuals to make sure they have what they need, whether that’s quiet work space, adjusted hours, or something else.

Who we are

We have people from France and the Philippines, physics and philosophy, formal methods research and full fledged corporations. We’re new parents and new grads, aspiring authors and aspiring Americans, dog lovers and dogfooders. We get together often to bike, bake, and meet up in parks. In our interactions, we believe respect and honesty go hand in hand, and prioritize both.

Semgrep is an equal-opportunity employer seeking a diverse range of backgrounds. We value who you are — including your cultural heritage, your socioeconomic status, your age, your race, your gender, your sexual orientation, your disabilities. We value what’s vitally important to you — your family, your religion, your politics. We value what you love in this world — your music, your weekend pursuits. We believe in welcoming varied professional backgrounds, educations, and interests. If you’re exceptional in your role, believe in Semgrep’s mission, and treat Semgrep’s values as your own, you belong here.