Overview

GitHub is the home for software development, where developers collaborate to build some of the world’s most important software. The security of that software is a collective problem, a responsibility that involves producers and consumers of code, open source maintainers, security researchers, and security teams. At GitHub, we want to give the community the tools and features they need to secure the software we all depend on.

One of those features is Code Scanning, which analyses code in depth to find security flaws and other bugs that testing and day-to-day use have missed. The Code Scanning team at GitHub builds the infrastructure to run analysis tools like GitHub CodeQL at scale, and display the results seamlessly in the regular workflows of developers and security teams.

Responsibilities:

Your main responsibility will be to design, develop and scale GitHub’s new Code Scanning feature. This work will typically fall into one of three areas:

  • Analysis & ingestion — provide the building blocks for developers to quickly enable Code Scanning in their CI workflows, and build the API for ingesting that data into GitHub
  • Store, process & notify — collate, de-duplicate, store, and serve Code Scanning results, including determining what changed since the last analysis to power notifications
  • UI & Developer APIs — build a great UX for developers and security teams

In addition you will:

  • Evaluate and recommend solutions, and guide team decision making
  • Help to coordinate with engineering and product leadership to define and prioritize projects that help us meet business objectives
  • Document the systems you help build, monitor, and maintain
  • Coordinate with product, design, and support to maintain a backlog of priorities
  • Improve the scalability and performance of our platform
  • Mentor, pair, and delegate work to encourage the professional and technical growth of those around you

Minimum Qualifications:

  • 5+ years experience building web applications at scale
  • 3+ years experience with building these applications in either Go or Ruby
  • Passionate about fostering good engineering practices and processes
  • Solid knowledge of testing principles
  • Experience with relational databases
  • Experience with API design

Preferred Qualifications:

  • Significant experience of building large, high traffic web applications and services
  • Experience writing tools or applications for developers
  • Knowledge of common security flaws like cross-site scripting, and how to explain them

Who We Are:

GitHub is the developer company. Over 40 million people use GitHub to build amazing things together across 100 million repositories. We make it easier for developers to be developers: to work together, to solve challenging problems, to create the world’s most important technologies. We foster a collaborative community that can come together—as individuals and in teams—to create the future of software and make a difference in the world.

Leadership Principles:

  • Customer Obsessed
  • Trust by Default
  • Ship to Learn
  • Own the Outcome
  • Growth Mindset
  • Global Product, Global Team
  • Anything is Possible
  • Practice Kindness

Why You Should Join:

At GitHub, we constantly strive to create an environment that allows our employees (Hubbers) to do the best work of their lives. We’ve designed one of the coolest workspaces in San Francisco (HQ), where over half of our Hubbers work, snack, and create daily. The other half of our Hubbers work remotely in 18 countries across the globe.

We are also committed to keeping Hubbers healthy, motivated, focused and creative. We’ve designed our top-notch benefits program with these goals in mind. In a nutshell, we’ve built a place where we truly love working, we think you will too.

GitHub is made up of people from a wide variety of backgrounds and lifestyles. We embrace diversity and invite applications from people of all walks of life. We don’t discriminate against employees or applicants based on gender identity or expression, sexual orientation, race, religion, age, national origin, citizenship, disability, pregnancy status, veteran status, or any other differences. Also, if you have a disability, please let us know if there’s any way we can make the interview process better for you; we’re happy to accommodate!

Please note that benefits vary by country, if you have any questions, please don’t hesitate to ask your Talent Partner.

#LI-POST