Senior IDE Engineer, Semgrep Analysis Foundations

As a member of the Semgrep Analysis Foundations team, you’ll enable developers to code securely — whether they handwrite code in an IDE, work in conjunction with LLM-enabled tools, or let agents run autonomously. You’ll own our IDE integrations and MCP server, adding whatever functionality is needed to help developers find and fix vulnerabilities in their code with minimal friction. This includes the code analysis underlying our scanning, so that you can make improvements as needed to our actual detection software. All the while, you’ll ensure we release improvements frequently and painlessly, supporting our culture of fast experimentation. Through Semgrep’s culture of transparency, you’ll see and influence the decisions that make a startup successful. Your decisions will be key to making Semgrep a world-leading static-analysis project, giving you lasting influence not only at Semgrep, but in the world’s developer community.

You will:

• Own and improve the reliability and user experience of our IDE extensions across VSCode, IntelliJ, and other popular editors
• Design IDE-native workflows that integrate seamlessly with AI coding assistants and autonomous development agents
• Maintain the infrastructure for our MCP (model context protocol) server
• Ensure frequent, easy releases to all supported platforms
• Build comprehensive observability and debugging tools that help us quickly identify and resolve issues in diverse customer environments
• Advocate for architectural decisions that make our code easy to reason about and allow us to scale with an exponentially growing number of users
• Advise and mentor other engineers via thoughtful code reviews, planning discussions, technical documentation, and formal mentorship

You are ideal for this role if you have:

• Interest in developing an IDE extension for a popular language or tool
• Built and maintained high-availability, low-latency systems that require real-time responsiveness
• Built cross-platform applications for Linux, macOS, and Windows, including automated testing and CI/CD pipelines
• Passion for shipping quickly and safely, caring deeply about solving real problems for our users and allowing them to depend on us
• Excellent and proactive communication, both verbal and written
• Interest in code analysis and experience or interest in working in a functional programming language (OCaml, Haskell). If you’ve ever spent time studying how your interpreter, compiler, linter, or garbage collector works, come work with us!

Some example projects you might work on include:

• Develop IDE-optimized features like incremental scanning and smart caching for instant feedback without disrupting developer flow
• Create MCP tools that help AI assistants write secure code by providing real-time guidance, suggesting safer alternatives, and validating generated code
• Build code navigation features that help developers understand security implications and enforce best practices using Semgrep analysis
• Integrate our MCP server backend with the main infrastructure for running scans
• Implement telemetry to track the effectiveness of Semgrep detection and judge which rules are performing the best in the IDE context
• Build intelligent code navigation features that help developers understand security implications across their codebase, enforce coding standards, and discover relevant existing patterns using Semgrep's analysis capabilities

Salary Range: $176,000-207,000 USD

Our compensation package includes equity and benefits in addition to salary.

Please note that the range listed is for someone based in the San Francisco Bay Area.