Software Engineer, Program Analysis

San Francisco, CA
r2c
We're a small San Francisco startup passionate about analyzing code and measuring its security. We provide tools to developers, hackers, and researchers that simplify program analysis and make it possible to analyze entire software ecosystems quickly (e.g. every publicly available JavaScript project on GitHub). Security issues are an open source public health problem; with your help we can vaccinate the community against entire classes of exploits. Come join us and give back to the open source community!

You'll be an early program analysis engineer working with our designers, developers, and academic research partners to create a platform that brings together program analysis authors with people who review and fix issues in open source software.

We take an empirical approach to product development, proposing experiments and rigorously validating our ideas. We believe in building each other up and 'yes and...' conversations! You’ll have the opportunity to meet with users and set the direction of the product here.

Responsibilities

    • Design and help build program analysis tools to run at scale across open source JavaScript
    • Use them to design codebase-wide protections and mitigations for security flaws, ex: a URL parsing library for SSRF
    • Influence the design and implementation of program analysis APIs for external users
    • Develop systems or frameworks (e.g. linters, analysis tools, and other developer-workflow integrations) that help other engineers improve security

Minimum Requirements

    • BS degree in Computer Science, similar technical field of study, or equivalent practical experience
    • Experience in software development (New graduates through senior engineers welcome)
    • Experience with C/C++, Python, Haskell, etc.
    • Familiarity with program analysis and transformation concepts and tools, e.g. SSA, LLVM IR, taint tracking
    • Interests in compilers, programming languages, functional programming, or program analysis
    • Passion for software security
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, disability status, or any other basis covered by appropriate law.

Working proficiency and communication skills in verbal and written English and being authorized to work in the US are required.