cppcheck

The impact you can have

The SonarSource Languages Team is looking for a passionate C++ Static Code Analysis Specialist to work on its advanced C-Family analyzer. SonarSource’s C-Family code analyzer is designed to fulfill the needs of C and C++ developers: spotting tricky code quality and security issues as fast as possible while generating as little noise as possible. Dereferences of null pointers, memory leaks, dead code and logic flow errors are some examples of those quality issues. The analyzer also helps to enforce coding standards like CPP Core Guidelines and MISRA C++2008. The analyzer is built on top of the Clang front-end and can run inside the IDE as well as on CI systems. The analyzer is compatible with the mainstream C and C++ compilers: Clang, GCC, MSVC, and Arm.

By joining the C-Family, you will be part of an autonomous team without a manager. You will choose what to work on. You will have fun facing the ultimate challenge of analyzing, what is probably the most complex language in the world: C++.

On a daily basis, you will

• Lead the effort to specify and implement proof of concept of new C-Family code static analysis features
• Keep track of the limitations of the C-Family static analyzer and come up with proposals to overcome them
• Keep up-to-date with the latest academic and industry research and find out if and how they can be used to improve our product
• Collaborate with the R&D team and be the point of contact with them
• Raise the knowledge level of the team when it comes to code static analysis techniques by doing internal presentations and writing documentation
• Work closely with the development team, take part in the technical discussions, and have an impact on the team’s short and long-term goals
• Write technical blog posts that explain our static analysis techniques
• Interact with LLVM code base and have the opportunity to contribute back to it
• Contribute to the code quality of many developers around the world

The skills you will demonstrate

• Solid theoretical understanding of code static analysis techniques
• Prior work experience in the C++ code static analysis industry
• Prior research in the code static analysis domain
• Strong proven experience in C++ along with its development environment
• Solid understanding of the internals of the C++ language and familiarity with its latest standards
• Ability to explain theoretical concepts in a simple manner
• Excellent written and oral communication skills in English

How to perform during interviews

If you want to have an overview of the hiring process and maximize your chances to pass, feel free to check our Interview Preparation Guide !

We can consider remote workers on a case-by-case basis.

Words from the team

The Languages Team's mission is to build state-of-the-art static analyzers used by millions of developers.

We want to help developers to write better and safer code by spotting issues of several kinds for all major programming languages:

• Maintainability issues: code smells
• Reliability issues: bugs
• Security issues: vulnerabilities and security hotspots

Ultimately, we target all issues which can be found through static analysis, even if they require a very deep understanding of the code. The sky's the limit! We believe that, as a side effect, our analyzers should educate developers about coding best practices thanks to the rule descriptions and to the raised issues.

From a SonarSource perspective, the mission of the Languages Team is to generate the data that will provide the most valuable feedback for users of SonarSource’s products.