Description

Job Title: Security Engineer

As a Security Engineer, you will join our exceptional security team tasked with building world-class security into our product offerings by working on vulnerability management, application security testing and vulnerability scanning automation, bug bounty programs, and security reviews for both application and infrastructure security. You will proactively improve the security of our codebase, our product, our cloud, and our customers’ on-premise deployments.

Within one month, you will…

• You will contribute to the team’s goals and deliverables for securing the largest deployment of Sourcegraph (sourcegraph.com), enabling customers to upload private code repositories
• You will discover, fix, and mitigate infrastructure vulnerabilities by updating libraries, base images, and analyzing containers
• You will enhance our application security with audits, best practices, code fixes, and continuous education
• You will perform reactive incident response if a security event occurs

Within three months, you will…

• You will enhance our security measures and policies to support organizations on sourcegraph.com and ampcode.com
• You will work with other teams to triage, troubleshoot and mitigate customer concerns and questions about our security
• You and your manager will work together on a career plan with actionable goals

Within six months, you will…

• You will work with other teams and engineers to implement secure coding guidelines and best practices
• You will perform proactive research to detect new attack vectors
• You will perform threat modeling for existing and future applications
• You will assess and integrate new tools and technologies to improve our operational efficiencies
• You will help maintain compliance with SOC 2, ISO 27001 & GDPR standards

About you 

Equal parts engineer and security professional, you are excited about joining a team that is building a world class security system trusted by some of the biggest tech companies in the world.  You and your teammates are Sourcegraph’s first line of defense against bad actors using all the newest and dirtiest tricks to hack us and (more importantly) our customers.  You want to be a part of the foundational team, the first steps we are taking to build something big, something trusted, something critical to software and our customers

Your skill-set:

• Practical experience securing SaaS applications, including infrastructure security, application security, and/or compliance
• Experience using and automating a wide range of defensive security tools
• Experience developing software as an engineer (i.e., writing code and contributing directly to applications)
• Experience working across engineering teams to support secure coding across the organization.
• You are high agency
• You communicate effectively in writing and documentation

Nice to haves:

• Experience working in a startup environment
• Experience with Go, TypeScript, Terraform
• Experience with Kubernetes, GCP
• Experience securing AI products

Compensation

We pay you an above-average salary because we want to hire the best people who are fully focused on helping Sourcegraph succeed, not worried about paying bills. As an open and transparent company that values competitive compensation, our compensation ranges are visible to every single Sourcegraph teammate.

Your salary is determined by your pay band for the IC3 job level. For determining pay bands, we use a number of market and data-driven salary sources, along with your location zone, and target the high-end of the range to ensure we’re always paying above market regardless of where you live in the world. Both U.S. and international locations are divided into one of four zones, determined by the cost of labor index for each area. The salary for a successful candidate will be based on level, job-related skills, experience, qualifications, and location zone. Please note that the salaries below may be adjusted in the future.

The target compensation for this role is based on the IC3 pay band for your zone. The start of the IC3 pay band for each zone is listed below:

• Zone 2: $144,000
• Zone 3: $108,000
• Zone 4: $72,000

Please speak with a recruiter for additional information regarding zone locations.

In addition to our cash compensation, we offer equity (because when we succeed as a company, we want you to succeed, too) and generous perks & benefits.

Before you apply: Here is an interview Q&A for you: Click here

NOTE: Here is why some companies may not hire you.

Hey! Boost your skills/chances of getting hired faster. Take short AI courses for FREE – Click HERE 

Hey!! Thinking of getting MTN Fibre Broadband? Watch this first! Click here