Security Engineering Manager, Vulnerability Research - Semgrep San Francisco, California, United States Bookmark Share Print 156 0 0

Listing Description

About the role


You will lead a team of security analysts and researchers that build the world’s most useful and actionable supply chain product. This is the team researching vulnerabilities in common dependencies and building rules to analyze CVEs and other supply chain threats. These rules drive Semgrep Supply Chain’s reachability analysis, reducing false positives and helping security teams to prioritize their secure development efforts.


As the vulnerability research team manager, you will be responsible for hiring and growing a team capable of meeting our product goals. You will work with the team to measure and improve rule delivery time and quality, add languages and ecosystems, and expand the scope of what Semgrep Supply Chain can secure. You’ll help the team automate operational work, experiment with new technologies, and gain expertise in new areas.


Prior experience in a fast-paced tech environment is helpful, but we are more interested in your passion for security and building high-performing teams than pedigree. So if this opportunity excites you but you don’t meet the exact requirements, apply anyway!


What you’ll do



  • Hire, develop, and grow the team, cultivating a productive, engaging, diverse, and inclusive work environment that aligns with Semgrep's core values.

  • Measure and improve rule writing cycle time and rule quality

  • Scale the team’s impact through tooling and automation

  • Experiment with new technologies and prototype new approaches to vulnerability management

  • Collaborate on projects with the product engineering, program analysis, and security research teams

  • Teach, learn, and lead throughout the organization


You are ideal for this role if you have



  • Strong expertise in software security, including fundamental principles, best practices, and the ability to dive into nitty-gritty details

  • 1+ years experience managing a security research, application security, or engineering team

  • A strong desire to help others grow, learn, and improve their skills and knowledge

  • A passion for sharing what they learn both inside and outside of Semgrep

  • Experience running a security program, identifying and managing vulnerabilities, and explaining their impact and context to developers responsible for fixing them

  • Motivation to raise the bar for security across various companies in the industry


Compensation


Salary Range: $156,400 - $202,000


Our compensation package includes equity and benefits in addition to salary.


Please note that the range listed is for someone based in the San Francisco Bay Area.


#LI-JL1

Listing Details

  • Citizenship: Not Provided
  • Incentives: Not Provided

 

  • Education: Not Provided
  • Travel: Not Provided
  • Telework: Not Provided

About Us

NinjaJobs is a community-run job platform developed by information security professionals. Our unique approach of focusing strictly on cybersecurity positions allows us to personalize the user experience.

Useful Links

Our Contacts

1765 Greensboro Station Pl.
Suite 900
Tysons Corner Va 22102

(703) 594-7765

requests@ninjajobs.org
www.ninjajobs.org
Chat with us!