Senior CodeQL Analysis Engineer

Requirements

• Several years of experience as a software engineer, software consultant, or software security engineer
• Fluent in software development fundamentals (version control using git, pull request workflows etc.) or equivalent education in relevant fields
• Multiple years of experience in developing or customizing source code analysis tools, compilers, debuggers, IDE tools or similar
• Strong understanding of programming language fundamentals
• Demonstrable ability with at least one of the languages supported by CodeQL (C, C++, C#, Java, JavaScript/TypeScript, Python, Ruby, Kotlin, Swift, and Go)

Nice to Haves

• Implementing or working with static analysis, with a focus on taint tracking or abstract interpretation
• Experience implementing high-level languages (interpreters or compilers)
• Logic Programming (Datalog, Prolog, CodeQL) or Functional Programming (Haskell, OCaml, Lisp, etc.)
• Secure coding practices and triaging common types of security vulnerabilities
• Relational database fundamentals
• Working directly with customers or stakeholders to scope, propose and implement technical solutions
• Mentoring and educating other engineers and disseminating complex technical ideas and processes

What You'll Be Doing

• Develop creative bespoke solutions using CodeQL to help solve challenging customer problems
• Use CodeQL to develop static analyses to find vulnerabilities in customers' code
• Refine and scale analyses for running across multiple codebases
• Provide CodeQL training for developers and security engineers
• Support product development and adoption of AI-powered CodeQL features
• Act as a trusted advisor for customers on all aspects of CodeQL

Perks and Benefits

• Competitive pay
• Generous learning and growth opportunities
• Excellent benefits
• Remote-first work environment