Job Details

Senior IDE Engineer, Semgrep Analysis Foundations

About Semgrep

Semgrep is on a mission to make it expensive to exploit software. As the team behind the most popular SAST, we built the Semgrep AppSec Platform to deliver industry-leading code, dependency, and secrets scanning to enable organizations to ship secure code quickly without slowing down development.

With fast, customizable code analysis across large codebases, Semgrep helps teams catch vulnerabilities early and fix them faster. Leading companies like Snowflake, Plaid, Figma, Lyft, and Dropbox rely on Semgrep to secure their software.

Semgrep is funded by top investors, including Felicis Ventures, Lightspeed Venture Partners, Menlo Ventures, Redpoint Ventures, and Sequoia Capital.

About the role

As a member of the Semgrep Analysis Foundations team, you'll enable developers to code securely — whether they handwrite code in an IDE, work in conjunction with LLM-enabled tools, or let agents run autonomously. You'll own our IDE integrations and MCP server, adding whatever functionality is needed to help developers find and fix vulnerabilities in their code with minimal friction. This includes the code analysis underlying our scanning, so that you can make improvements as needed to our actual detection software. All the while, you'll ensure we release improvements frequently and painlessly, supporting our culture of fast experimentation. Through Semgrep's culture of transparency, you'll influence decisions that contribute to Semgrep as a world-leading static-analysis project and have impact in the developer community.

You will:

• Own and improve the reliability and user experience of our IDE extensions across VSCode, IntelliJ, and other popular editors
• Design IDE-native workflows that integrate seamlessly with AI coding assistants and autonomous development agents
• Maintain the infrastructure for our MCP (model context protocol) server
• Ensure frequent, easy releases to all supported platforms
• Build comprehensive observability and debugging tools to quickly identify and resolve issues in diverse customer environments
• Advocate for architectural decisions that keep code maintainable and scalable with a growing user base
• Advise and mentor other engineers via thoughtful code reviews, planning discussions, technical documentation, and formal mentorship

You are ideal for this role if you have:

• Developed an IDE extension for a popular language or tool
• Built and maintained high-availability, low-latency systems with real-time responsiveness
• Built cross-platform applications for Linux, macOS, and Windows, including automated testing and CI/CD pipelines
• Passion for shipping quickly and safely, solving real problems for users while ensuring reliability
• Excellent and proactive communication, both verbal and written
• Interest in code analysis and experience or interest in working in a functional programming language (OCaml, Haskell). If you've explored interpreter, compiler, linter, or garbage collector internals, consider joining us!

Some example projects you might work on include:

• Develop IDE-optimized features like incremental scanning and smart caching for instant feedback without disrupting developer flow
• Create MCP tools that help AI assistants write secure code by providing real-time guidance, safer alternatives, and validating generated code
• Build code navigation features that help developers understand security implications and enforce best practices using Semgrep analysis
• Integrate our MCP server backend with the main infrastructure for running scans
• Implement telemetry to track the effectiveness of Semgrep detection and judge rule performance in the IDE context
• Build intelligent code navigation features that help developers understand security implications across their codebase, enforce coding standards, and discover relevant patterns using Semgrep's analysis capabilities

Compensation

Salary Range: $176,000-207,000 USD

Our compensation package includes equity and benefits in addition to salary.

Please note that the range listed is for someone based in the San Francisco Bay Area.

What we offer

We invest in our employees' well-being and long-term success with comprehensive health plans, generous vacation time, 401k, learning stipends, and more. Our benefits are for everyone, and we work with individuals to ensure they have what they need, whether that's quiet work space, adjusted hours, or something else.

Who we are

We have people from diverse backgrounds and disciplines, and we value respect, honesty, and collaboration. Semgrep is an equal-opportunity employer, and we value a diverse range of backgrounds and experiences.

For US-based roles open to remote work, we are currently able to hire employees in specific states. This posting focuses on the role and its requirements.

Apply and next steps

Interested in building your career at Semgrep? We welcome you to apply to this role through our standard application process.