Program Analysis Software Engineer (San Francisco)

Semmle is making software truly searchable, allowing deep meaningful questions to be answered, and insights to be shared. Our technology treats code as data, and by combining deep semantic code search with program analysis, we enable you to explore your code at scale in order to find bugs and real vulnerabilities. We are now looking for a number of Program Analysis Engineers to help us understand the codebases of some of the world’s largest companies

Role
As a Program Analysis Software Engineer, you will be part of a team of code analysis and compiler experts working to redefine what’s possible through static analysis and variant analysis. We perform advanced analysis on the world’s most commonly used programming languages, and our results come from a mix of cutting-edge theory and practical adaptation. You will be responsible for working closely with our customers to understand their codebase and perform variant analysis.
In the role you will:
  • Devise and implement complex data models to analyze program control flow and data flow, using the latest research techniques.
  • Use Semmle QL, our own declarative logic programming language, to develop sophisticated analyses for code quality issues.
  • Create queries that identify all variants of known vulnerabilities and scale these across the customer’s codebase.
  • Collaborate with the Semmle Security Research team, and with Semmle’s customers, to create the best analysis libraries possible.

Your work will have a direct impact on the security of some of the world’s largest code bases and the most commonly used applications. You will be helping to improve the software that runs the world by scaling the analysis and identification of critical security vulnerabilities and real zero-days with the world’s biggest tech companies. 

Requirements
The main thing we look for in candidates is intelligence and the ability to learn. We are interested in talking to people at any point in their career: from Interns to Seniors and above. 

Essential requirements
  • Strong knowledge and experience of one or more of the following programming languages: C, C++, C#, Java, JavaScript/TypeScript, Python, Haskell and Go  (this can be commercial, academic or personal experience).
  • A strong foundation in Computer Science (BSc, MSc, PhD or equivalent practical experience).
  • Experience of (at least one of the following): Program analysis, static analysis, compiler construction or formal verification.

Desirable skills
  • Programming language design and implementation.
  • Experience in mentoring other engineers and disseminating complex technical ideas and processes.
  • Compiler construction; code generation and query optimization.
  • Abstract interpretation; formal verification; Partial evaluation.
  • Static analysis; dynamic analysis; data flow and information flow; security analysis; program transformation; taint analysis; taint tracking.
  • Logic programming / Declarative Programming (e.g. Prolog, Datalog).


About Semmle
We believe security is a shared responsibility. Our mission is to secure all software by bringing the security and development communities together.

Our technology scales any organization's security expertise using QL to quickly explore any codebase to discover new vulnerabilities and all their variants. We empower product security teams to deliver variant analysis results to development teams using LGTM to ship safe code and protect their customers. Together, Semmle's platform enables the security community to collaborate and share their expertise in the field of variant analysis and security research. Our technology is free to use on open source projects using LGTM.com platform. At the time of writing, analysis results for over 135,000 projects are publicly available on LGTM.com.

Security and software engineering teams at Google, Microsoft, NASA, Nasdaq and Uber depend on Semmle to secure their code. Headquartered in San Francisco, Semmle is a privately held company funded by Accel, with additional offices in Oxford, Copenhagen, New York City, Seattle, and Valencia.


How do you apply?
Semmle aims to hire outstanding people who have a diversity of perspectives, ideas and cultures. We actively support diversity and inclusion in the workplace and are committed to equal employment opportunity regardless of race, colour, ancestry, religion, sex, national origin, sexual orientation, gender identity, age, citizenship, marital status or disability status.

Please complete the following form to apply or feel free to get in touch with Zac Wallis at zac@semmle.com for more information. 

Semmle.com  |  LGTM.com

Want to apply later?

Type your email address below to receive a reminder

Apply to Job

ErrorRequired field
ErrorRequired field
ErrorRequired field
Error
Error
insert_drive_file
insert_drive_file