Skip to main content
SourcegraphSO

Security Engineer [IC3]

Sourcegraph is a code intelligence platform that helps developers search, understand, and automate code across any codebase, using AI to increase developer productivity.

Sourcegraph

Employee count: 51-200

Salary: $72K – $144K per year

United States only

Stay safe on Himalayas

Never send money to companies. Jobs on Himalayas will never require payment from applicants.

Who we are

Everything is changing in how software gets built, and Sourcegraph is at the center of that transformation. With Code Search, Deep Search, and MCP, Sourcegraph is the world’s most powerful code intelligence platform that developers and agents rely on to navigate, understand, and operate on massive, complex codebases with speed and confidence.

Teams at companies like Stripe, Uber, and Dropbox rely on Sourcegraph to ship faster and with higher quality. We’re backed by a16z, Sequoia, and Redpoint, and proud to operate as a globally distributed team that values high agency, direct communication, and a deep love for developers and their craft.

If you want to contribute to infrastructure that empowers millions of developers to do their best work - join us.

Hours & location

🌎 While we hire almost anywhere in the world, we have a preference for someone to reside in the following locations for this role. However, if you feel qualified, we welcome you to apply regardless of location. No matter what, working hours must overlap with EST for at least 10 hours/week.

Preferred locations:

  • Europe

Why this job is exciting

As a Security Engineer, you will join our exceptional security team tasked with building world-class security into our product offerings by working on security operations, maintaining and improving our monitoring and alerting stack, participating in on-call and responding to security incidents, application security testing, bug bounty programs, and security reviews for both application and infrastructure security. You will proactively improve the security of our codebase, product, cloud, and customers' on-premise deployments. This is a generalist role where you will be primarily focused on Security Operations, but will also work across all facets of a security program.

Within one month, you will…

  • Be onboarded to our alerting and monitoring stack
  • Be able to participate in on-call rotations
  • You will discover, fix, and mitigate infrastructure vulnerabilities by updating libraries, base images, and analyzing containers

Within three months, you will…

  • Maintain internal systems, such as automations that assist in alert triaging
  • You will work with other teams to triage, troubleshoot, and mitigate customer concerns and questions about our security
  • You will enhance our application security with audits, best practices, code fixes, and continuous education
  • You will perform reactive incident response if a security event occurs
  • You and your manager will work together on a career plan with actionable goals

Within six months, you will…

  • You will perform proactive research to detect new attack vectors
  • You will perform threat modeling for existing and future applications
  • You will assess and integrate new tools and technologies to improve our operational efficiencies
  • You will help maintain compliance with SOC 2, ISO 27001 & GDPR standards

About you

Equal parts engineer and security professional, you are excited about joining a team that is building a world-class security system trusted by some of the biggest tech companies in the world. You and your teammates are Sourcegraph’s first line of defense against bad actors using all the newest and dirtiest tricks to hack us and (more importantly) our customers. You want to be a part of the foundational team, the first steps we are taking to build something big, something trusted, something critical to software and our customers

Your skill-set:

  • Practical experience reviewing SIEM alerts and participating in on-call rotations
  • Practical experience securing SaaS applications as a security generalist, including infrastructure security, application security, and/or compliance
  • Experience with Go, including writing and maintaining internal tooling along with code reviews
  • Experience with Elastic stack and GCP
  • Experience using and automating a wide range of defensive security tools
  • Experience working across engineering teams to secure projects across the organization.
  • You are high agency
  • You communicate effectively in writing and documentation

Nice to haves:

  • Experience developing software as an engineer (i.e., writing code and contributing directly to applications)
  • Experience working in a startup environment
  • Experience with TypeScript and Terraform
  • Experience with Kubernetes
  • Experience securing AI products

Level

📊 This job is an IC3. You can read more about our job leveling philosophy in our Handbook.

Compensation

💸 We pay you an above-average salary because we want to hire the best people who are fully focused on helping Sourcegraph succeed, not worried about paying bills. As an open and transparent company that values competitive compensation, our compensation ranges are visible to every single Sourcegraph teammate.

Your salary is determined by your pay band for the IC3 job level. For determining pay bands, we use a number of market and data-driven salary sources, along with your location zone, and target the high-end of the range to ensure we’re always paying above market regardless of where you live in the world. Both U.S. and international locations are divided into one of four zones, determined by the cost of labor index for each area. The salary for a successful candidate will be based on level, job-related skills, experience, qualifications, and location zone. Please note that the salaries below may be adjusted in the future.

💰 The target compensation for this role is based on the IC3 pay band for your zone. The start of the IC3 pay band for each zone is listed below:

  • Zone 2: $144,000
  • Zone 3: $108,000
  • Zone 4: $72,000

Please speak with a recruiter for additional information regarding zone locations.

📈 In addition to our cash compensation, we offer equity (because when we succeed as a company, we want you to succeed, too) and generous perks & benefits.

Interview process

Below is the interview process you can expect for this role (you can read more about the types of interviews in our Handbook). It may look like a lot of steps, but rest assured that we move quickly and the steps are designed to help you get the information needed to determine if we’re the right fit for you… Interviewing is a two-way street, after all!

We expect the interview process to take <5 hours in total.

👋 Introduction Stage - we have initial conversations to get to know you better…

🧑‍💻 Team Interview Stage - we then delve into your experience in more depth and introduce you to members of the team, including cross-functional partners…

  • [60m] Technical Interview: General
  • [60m] Technical Interview: Complex Problem Deep Dive
  • [45m] Cross-functional Team Collaboration / Values

🎉 Final Interview Stage - we move you to our final round, where you gain a better understanding of our business and values holistically…

  • [15m] Leadership
  • We check references and conduct your background check

Please note - you are welcome to request additional conversations with anyone you would like to meet, but didn’t get to meet during the interview process.

Learn more about us

You can learn more about what it is like to work at Sourcegraph by reading our handbook.

We are an ambitious team who are collectively working hard to build the most influential company in the world. You can read more about our culture, competitive compensation and benefits here.

Sourcegraph is an equal opportunity workplace; we welcome people from all backgrounds.

Sourcegraph participates in E-Verify for U.S. Employees.

About the job

Apply before

Posted on

Job type

Full Time

Experience level

Salary

Salary: $72K – $144K per year

Location requirements

Hiring timezones

United States +/- 0 hours

About Sourcegraph

Learn more about Sourcegraph and their company culture.

View company profile

Modern software development teams are often confronted with the immense challenge of navigating and understanding vast, complex codebases. As projects grow, spanning multiple repositories, languages, and services, developers can spend a significant portion of their time simply trying to find relevant code, understand dependencies, and assess the impact of changes, rather than building new features. This friction slows down innovation, makes onboarding new engineers a lengthy process, and increases the risk of introducing bugs. Customers need a way to cut through this complexity and empower their developers to ship better software, faster. Sourcegraph was founded to address this exact problem, providing a universal code search and intelligence platform that acts as a GPS for any codebase.

Sourcegraph's platform provides developers with the tools they need to rapidly search, comprehend, and automate changes across their entire codebase. For engineering leaders, this means increased developer velocity, improved code quality, and a more streamlined onboarding experience for new hires. By giving developers the ability to find code examples, trace references, and understand the historical context of any piece of code, Sourcegraph helps teams resolve incidents quicker and manage large-scale refactors with confidence. With the integration of its AI coding assistant, Cody, Sourcegraph further enhances developer productivity by automating common tasks, answering code-related questions, and even writing new code. This allows customers to not only accelerate their development cycles but also to foster a culture of deeper code understanding and collaboration, ultimately enabling them to build more robust and innovative products for their own users.

Employee benefits

Learn about the employee benefits and perks provided at Sourcegraph.

View benefits

Fertility Benefits

Up to $25,000 USD for fertility treatment.

Paid Parental Leave

Generous paid parental leave for all new parents.

Wellness Benefits

A wellness budget to support physical and mental health.

Equity Benefits

Every employee gets equity, so you are rewarded for your best work.

View Sourcegraph's employee benefits
Claim this profileSourcegraph logoSO

Sourcegraph

View company profile

Similar remote jobs

Here are other jobs you might want to apply for.

View all remote jobs

5 remote jobs at Sourcegraph

Explore the variety of open remote roles at Sourcegraph, offering flexible work options across multiple disciplines and skill levels.

View all jobs at Sourcegraph

Remote companies like Sourcegraph

Find your next opportunity by exploring profiles of companies that are similar to Sourcegraph. Compare culture, benefits, and job openings on Himalayas.

View all companies

Get matched with your dream remote job

Sign up now and join over 250,000+ remote workers who receive personalized job alerts, curated job matches, and more for free!

Sign up