Security Engineer [IC3]

1 Month ago • All levels • Cyber Security • $72,000 PA - $144,000 PA

Job Summary

Job Description

Sourcegraph is seeking a Security Engineer to join their team. The Security Engineer will be responsible for building world-class security into product offerings by working on vulnerability management, application security testing and vulnerability scanning automation, bug bounty programs, and security reviews for both application and infrastructure security. Within the first month, the engineer will contribute to securing sourcegraph.com and enabling customers to upload private code repositories. Within three months, they will enhance security measures and policies to support organizations on sourcegraph.com and ampcode.com. The Security Engineer will also work with other teams to triage, troubleshoot and mitigate customer concerns about their security.
Must have:
  • Experience securing SaaS applications
  • Experience using defensive security tools
  • Experience developing software as an engineer
  • Experience working across engineering teams
  • High agency and effective communication
Good to have:
  • Experience working in a startup environment
  • Experience with Go, TypeScript, Terraform
  • Experience with Kubernetes, GCP
  • Experience securing AI products
Perks:
  • Equity
  • Generous perks & benefits

Job Details

Who we are

Our mission at Sourcegraph is to make it so that everyone can code, not just ~0.1% of the population. 

We are transforming how the world’s most important companies build software by industrializing development with AI. Today, most professional developers spend a disproportionate amount of time understanding code and performing repetitive, low-level tasks—leaving less time for innovation and meaningful impact.

We’re changing that. Sourcegraph brings AI-powered search and agents to the enterprise, helping teams automate the mundane and amplify what developers do best— solving hard problems and creating great products.

Here’s how we’re making a difference:

  • Accelerating developers with AI agents that deliver insights and precision—enabling 5x faster test creation, 30% increase in merge requests, and saving 20 minutes per developer daily.
  • Automating repetitive tasks, from remediating vulnerabilities (saving teams 1,000+ hours annually) to speeding up migrations that would take years to months. 
  • Enabling innovation by addressing complex problems like automated bug triage, vulnerability detection, and AI-driven code reviews seamlessly integrated into workflows.

Trusted by 7/10 top software companies by market cap, 4/6 top US banks and many of the companies leading global innovation, like Stripe, Indeed, Tesla, and 1Password, and with $225M in funding from investors like a16z, Sequoia, and Redpoint, we are building the tools that will define the next era of enterprise software development.

If you’re passionate about solving the hardest problems in software and shaping the future of technology, join us. Let’s build something extraordinary together.

Hours & location

🌎 While we hire almost anywhere in the world, we have a preference for someone to reside in the following locations for this role. However, if you feel qualified, we welcome you to apply regardless of location. No matter what, working hours must overlap with Mountain Time for at least 20 hours/week.

Preferred locations:

  • North America
  • South America

We do not subscribe to “I do my best work when I work 40 hours a week.”  People we hire at Sourcegraph believe that building outstanding things means working very hard — smarter and more hours than the competition.

Why this job is exciting

As a Security Engineer, you will join our exceptional security team tasked with building world-class security into our product offerings by working on vulnerability management, application security testing and vulnerability scanning automation, bug bounty programs, and security reviews for both application and infrastructure security. You will proactively improve the security of our codebase, our product, our cloud, and our customers' on-premise deployments. 

Within one month, you will…

  • You will contribute to the team's goals and deliverables for securing the largest deployment of Sourcegraph (sourcegraph.com), enabling customers to upload private code repositories
  • You will discover, fix, and mitigate infrastructure vulnerabilities by updating libraries, base images, and analyzing containers
  • You will enhance our application security with audits, best practices, code fixes, and continuous education
  • You will perform reactive incident response if a security event occurs

Within three months, you will…

  • You will enhance our security measures and policies to support organizations on sourcegraph.com and ampcode.com
  • You will work with other teams to triage, troubleshoot and mitigate customer concerns and questions about our security
  • You and your manager will work together on a career plan with actionable goals

Within six months, you will…

  • You will work with other teams and engineers to implement secure coding guidelines and best practices
  • You will perform proactive research to detect new attack vectors
  • You will perform threat modeling for existing and future applications 
  • You will assess and integrate new tools and technologies to improve our operational efficiencies
  • You will help maintain compliance with SOC 2, ISO 27001 & GDPR standards

About you 

Equal parts engineer and security professional, you are excited about joining a team that is building a world class security system trusted by some of the biggest tech companies in the world.  You and your teammates are Sourcegraph’s first line of defense against bad actors using all the newest and dirtiest tricks to hack us and (more importantly) our customers.  You want to be a part of the foundational team, the first steps we are taking to build something big, something trusted, something critical to software and our customers

Your skill-set:

  • Practical experience securing SaaS applications, including infrastructure security, application security, and/or compliance
  • Experience using and automating a wide range of defensive security tools
  • Experience developing software as an engineer (i.e., writing code and contributing directly to applications)
  • Experience working across engineering teams to support secure coding across the organization.
  • You are high agency
  • You communicate effectively in writing and documentation

Nice to haves:

  • Experience working in a startup environment
  • Experience with Go, TypeScript, Terraform
  • Experience with Kubernetes, GCP
  • Experience securing AI products

Level

📊 This job is an IC3.  You can read more about our job leveling philosophy in our Handbook.

Compensation

💸 We pay you an above-average salary because we want to hire the best people who are fully focused on helping Sourcegraph succeed, not worried about paying bills. As an open and transparent company that values competitive compensation, our compensation ranges are visible to every single Sourcegraph teammate.

Your salary is determined by your pay band for the IC3 job level. For determining pay bands, we use a number of market and data-driven salary sources, along with your location zone, and target the high-end of the range to ensure we’re always paying above market regardless of where you live in the world. Both U.S. and international locations are divided into one of four zones, determined by the cost of labor index for each area. The salary for a successful candidate will be based on level, job-related skills, experience, qualifications, and location zone. Please note that the salaries below may be adjusted in the future.

💰 The target compensation for this role is based on the IC3 pay band for your zone. The start of the IC3 pay band for each zone is listed below:

  • Zone 2: $144,000
  • Zone 3: $108,000
  • Zone 4: $72,000

Please speak with a recruiter for additional information regarding zone locations.

📈 In addition to our cash compensation, we offer equity (because when we succeed as a company, we want you to succeed, too) and generous perks & benefits.

Interview process 

Below is the interview process you can expect for this role (you can read more about the types of interviews in our Handbook). It may look like a lot of steps, but rest assured that we move quickly and the steps are designed to help you get the information needed to determine if we’re the right fit for you… Interviewing is a two-way street, after all! 

We expect the interview process to take <5 hours in total.

👋 Introduction Stage - we have initial conversations to get to know you better…

🧑‍💻 Team Interview Stage - we then delve into your experience in more depth and introduce you to members of the team, including cross-functional partners…

  • [60m] Technical Interview: General
  • [60m] Technical Interview: Complex Problem Deep Dive
  • [45m] Cross-functional Team Collaboration / Values

🎉 Final Interview Stage - we move you to our final round, where you gain a better understanding of our business and values holistically…

  • [15m] Leadership with co-founder 
  • We check references and conduct your background check

Please note - you are welcome to request additional conversations with anyone you would like to meet, but didn’t get to meet during the interview process.

Learn more about us

You can learn more about what it is like to work at Sourcegraph by reading our handbook.

We are an ambitious team who are collectively working hard to build the most influential company in the world.  You can read more about our culture, competitive compensation and benefits here.

Sourcegraph is an equal opportunity workplace; we welcome people from all backgrounds. 

Sourcegraph participates in E-Verify for U.S. Employees.

Similar Jobs

Loyalty Juggernaut - Mobile Application Developer (Android/iOS)

Loyalty Juggernaut

Hyderabad, Telangana, India (On-Site)
2 Months ago
DevRev - Sales Development Representative

DevRev

Chennai, Tamil Nadu, India (On-Site)
2 Months ago
Scale AI - Head of Product Design

Scale AI

San Francisco, California, United States (On-Site)
8 Months ago
gitlab - Director, Regional Sales - East

gitlab

United States (Remote)
1 Week ago
zeta - Release Train Engineer

zeta

Bengaluru, Karnataka, India (On-Site)
2 Months ago
Take-Two Interactive - Cloud Security Engineer

Take-Two Interactive

Toronto, Ontario, Canada (Hybrid)
6 Days ago
Valeo - Cybersecurity Architect

Valeo

Cairo, Cairo Governorate, Egypt (On-Site)
2 Years ago
Nintendo - Intern - IT Security

Nintendo

Redmond, Washington, United States (On-Site)
8 Months ago
bytedance - Senior Software Engineer, Anti-DDoS - Network Security

bytedance

San Jose, California, United States (On-Site)
5 Months ago
Cadence - IT- Staff Software Security Engineer

Cadence

Noida, Uttar Pradesh, India (On-Site)
1 Month ago

Get notifed when new similar jobs are uploaded

Similar Skill Jobs

level ai - Senior Product Marketing Manager

level ai

India (Remote)
1 Month ago
Go guardian - Senior Revenue Accountant

Go guardian

United States (Remote)
3 Weeks ago
Globalization Partners - Product Marketing Manager

Globalization Partners

United States (Remote)
1 Week ago
IGN - Director of Subscriptions

IGN

Los Angeles, California, United States (Hybrid)
2 Months ago
HHA Exchange - Training Specialist

HHA Exchange

(Remote)
2 Months ago
Poppulo - Senior Manager, Product & Technology Operations

Poppulo

Bengaluru, Karnataka, India (Hybrid)
2 Months ago
JDA - Customer Success Advisor

JDA

Karlsruhe, Baden-Württemberg, Germany (On-Site)
1 Month ago
undefined - Principal Software Engineer

Raleigh, North Carolina, United States (Hybrid)
2 Months ago
Yodo1 - Growth Marketing Lead

Yodo1

(Remote)
4 Months ago
Salesforce - Development Architect

Salesforce

Tokyo, Japan (Remote)
3 Months ago

Get notifed when new similar jobs are uploaded

Jobs in Worldwide

Looks like we're out of matches

Set up an alert and we'll send you similar jobs the moment they appear!

Cyber Security Jobs

Ansys - Cyber Security Customer Assessment Analyst

Ansys

Athens, Greece (Remote)
3 Weeks ago
Vercel - Staff Security Operations Engineer

Vercel

San Francisco, California, United States (Hybrid)
2 Months ago
FICO - Cyber Security Engineer II (Vulnerability Management/ Qualys)

FICO

Bengaluru, Karnataka, India (On-Site)
2 Months ago
Fortra - Security Analyst

Fortra

Australia (On-Site)
1 Month ago
Rippling - Senior Security Engineer, Detection & Response

Rippling

United States (Remote)
4 Months ago
JMA - Senior Embedded Systems Security Engineer

JMA

Plano, Texas, United States (On-Site)
7 Months ago
Zazz - Cybersecurity Analyst

Zazz

(Remote)
5 Months ago
FICO - Security Engineer - Lead Engineer

FICO

Bengaluru, Karnataka, India (On-Site)
1 Week ago
Wind River - Senior Analyst, Cybersecurity Risk & Compliance

Wind River

Boston, Massachusetts, United States (Hybrid)
2 Months ago
Postman - Senior Security Engineer, Application Security

Postman

San Francisco, California, United States (Hybrid)
2 Months ago

Get notifed when new similar jobs are uploaded

About The Company

London, England, United Kingdom (On-Site)

Denver, Colorado, United States (On-Site)

Austin, Texas, United States (On-Site)

San Francisco, California, United States (On-Site)

San Francisco, California, United States (On-Site)

San Francisco, California, United States (On-Site)

View All Jobs

Get notified when new jobs are added by Sourcegraph Inc.

Level Up Your Career in Game Development!

Transform Your Passion into Profession with Our Comprehensive Courses for Aspiring Game Developers.

Job Common Plug