Sourcegraph's mission is to make coding accessible to everyone, not just a small percentage of the population.
The company builds tools that facilitate software development at scale, including Code Search and Amp, an agentic coding tool.
Sourcegraph is trusted by engineering teams at major companies like Stripe, Uber, and Palo Alto Networks, and has secured $225M in funding from notable investors.
The Security Engineer will join a dedicated security team focused on integrating world-class security into product offerings.
Responsibilities include vulnerability management, application security testing, vulnerability scanning automation, bug bounty programs, and security reviews for applications and infrastructure.
Within the first month, the engineer will contribute to securing Sourcegraph's largest deployment, discover and fix infrastructure vulnerabilities, enhance application security, and perform incident response.
By three months, the engineer will improve security measures and policies, collaborate with other teams on security concerns, and develop a career plan with their manager.
After six months, the engineer will implement secure coding guidelines, conduct proactive research on attack vectors, perform threat modeling, assess new tools, and maintain compliance with SOC 2, ISO 27001, and GDPR standards.
Requirements:
Candidates must have practical experience securing SaaS applications, including infrastructure security, application security, and compliance.
Experience in using and automating a variety of defensive security tools is required.
Candidates should have a background in software development, including writing code and contributing to applications.
Experience working across engineering teams to promote secure coding practices is essential.
Candidates should demonstrate high agency and effective communication skills, particularly in writing and documentation.
Nice to have: experience in a startup environment, familiarity with Go, TypeScript, Terraform, Kubernetes, GCP, and securing AI products.
Benefits:
Sourcegraph offers above-average salaries to attract top talent, with compensation determined by pay band, skills, experience, and location.
The target compensation for the IC2-IC3 role varies by location zone, with specific salary ranges provided for each zone.
In addition to cash compensation, employees receive equity to align their success with the company's success.
The company provides generous perks and benefits, which can be reviewed in detail on their benefits page.
