The Pragmatic Engineer cover art

The Pragmatic Engineer

The Pragmatic Engineer

By: Gergely Orosz
Listen for free

About this listen

 Software engineering at Big Tech and startups, from the inside. Deepdives with experienced engineers and tech professionals who share their hard-earned lessons, interesting stories and advice they have on building software. Especially relevant for software engineers and engineering leaders: useful for those working in tech.

newsletter.pragmaticengineer.comGergely Orosz Politics & Government
Episodes
  • Being a founding engineer at an AI startup

    Being a founding engineer at an AI startup
    Dec 3 2025

    Brought to You By:

    •⁠ Statsig ⁠ — ⁠ The unified platform for flags, analytics, experiments, and more.

    •⁠ Linear ⁠ — ⁠ The system for modern product development.

    Michelle Lim joined Warp as engineer number one and is now building her own startup, Flint. She brings a strong product-first mindset shaped by her time at Facebook, Slack, Robinhood, and Warp. Michelle shares why she chose Warp over safer offers, how she evaluates early-stage opportunities, and what she believes distinguishes great founding engineers.

    Together, we cover how product-first engineers create value, why negotiating equity at early-stage startups requires a different approach, and why asking founders for references is a smart move. Michelle also shares lessons from building consumer and infrastructure products, how she thinks about tech stack choices, and how engineers can increase their impact by taking on work outside their job descriptions.

    If you want to understand what founders look for in early engineers or how to grow into a founding-engineer role, this episode is full of practical advice backed by real examples

    Timestamps

    (00:00) Intro

    (01:32) How Michelle got into software engineering

    (03:30) Michelle’s internships

    (06:19) Learnings from Slack

    (08:48) Product learnings at Robinhood

    (12:47) Joining Warp as engineer #1

    (22:01) Negotiating equity

    (26:04) Asking founders for references

    (27:36) The top reference questions to ask

    (32:53) The evolution of Warp’s tech stack

    (35:38) Product-first engineering vs. code-first

    (38:27) Hiring product-first engineers

    (41:49) Different types of founding engineers

    (44:42) How Flint uses AI tools

    (45:31) Avoiding getting burned in founder exits

    (49:26) Hiring top talent

    (50:15) An overview of Flint

    (56:08) Advice for aspiring founding engineers

    (1:01:05) Rapid fire round

    The Pragmatic Engineer deepdives relevant for this episode:

    • Thriving as a founding engineer: lessons from the trenches

    • From software engineer to AI engineer

    • AI Engineering in the real world

    • The AI Engineering stack

    Production and marketing by ⁠⁠⁠⁠⁠⁠⁠⁠https://penname.co/⁠⁠⁠⁠⁠⁠⁠⁠. For inquiries about sponsoring the podcast, email podcast@pragmaticengineer.com.



    Get full access to The Pragmatic Engineer at newsletter.pragmaticengineer.com/subscribe
    Show More Show Less
    1 hr and 4 mins
  • Code security for software engineers

    Code security for software engineers
    Nov 26 2025

    Brought to You By:

    •⁠ Statsig ⁠ — ⁠ The unified platform for flags, analytics, experiments, and more. Statsig are helping make the first-ever Pragmatic Summit a reality. Join me and 400 other top engineers and leaders on 11 February, in San Francisco for a special one-day event. Reserve your spot here.

    •⁠ Linear ⁠ — ⁠ The system for modern product development. Engineering teams today move much faster, thanks to AI. Because of this, coordination increasingly becomes a problem. This is where Linear helps fast-moving teams stay focused. Check out Linear.

    As software engineers, what should we know about writing secure code?

    Johannes Dahse is the VP of Code Security at Sonar and a security expert with 20 years of industry experience. In today’s episode of The Pragmatic Engineer, he joins me to talk about what security teams actually do, what developers should own, and where real-world risk enters modern codebases.

    We cover dependency risk, software composition analysis, CVEs, dynamic testing, and how everyday development practices affect security outcomes. Johannes also explains where AI meaningfully helps, where it introduces new failure modes, and why understanding the code you write and ship remains the most reliable defense.

    If you build and ship software, this episode is a practical guide to thinking about code security under real-world engineering constraints.

    Timestamps

    (00:00) Intro

    (02:31) What is penetration testing?

    (06:23) Who owns code security: devs or security teams?

    (14:42) What is code security?

    (17:10) Code security basics for devs

    (21:35) Advanced security challenges

    (24:36) SCA testing

    (25:26) The CVE Program

    (29:39) The State of Code Security report

    (32:02) Code quality vs security

    (35:20) Dev machines as a security vulnerability

    (37:29) Common security tools

    (42:50) Dynamic security tools

    (45:01) AI security reviews: what are the limits?

    (47:51) AI-generated code risks

    (49:21) More code: more vulnerabilities

    (51:44) AI’s impact on code security

    (58:32) Common misconceptions of the security industry

    (1:03:05) When is security “good enough?”

    (1:05:40) Johannes’s favorite programming language

    The Pragmatic Engineer deepdives relevant for this episode:

    • What is Security Engineering?

    •⁠ Mishandled security vulnerability in Next.js

    •⁠ Okta Schooled on Its Security Practices

    Production and marketing by ⁠⁠⁠⁠⁠⁠⁠⁠https://penname.co/⁠⁠⁠⁠⁠⁠⁠⁠. For inquiries about sponsoring the podcast, email podcast@pragmaticengineer.com.



    Get full access to The Pragmatic Engineer at newsletter.pragmaticengineer.com/subscribe
    Show More Show Less
    1 hr and 8 mins
  • How AI will change software engineering – with Martin Fowler

    How AI will change software engineering – with Martin Fowler
    Nov 19 2025
    Brought to You By:•⁠ Statsig ⁠ — ⁠ The unified platform for flags, analytics, experiments, and more. AI-accelerated development isn’t just about shipping faster: it’s about measuring whether, what you ship, actually delivers value. This is where modern experimentation with Statsig comes in. Check it out.•⁠ Linear ⁠ — ⁠ The system for modern product development. I had a jaw-dropping experience when I dropped in for the weekly “Quality Wednesdays” meeting at Linear. Every week, every dev fixes at least one quality isse, large or small. Even if it’s one pixel misalignment, like this one. I’ve yet to see a team obsess this much about quality. Read more about how Linear does Quality Wednesdays – it’s fascinating!—Martin Fowler is one of the most influential people within software architecture, and the broader tech industry. He is the Chief Scientist at Thoughtworks and the author of Refactoring and Patterns of Enterprise Application Architecture, and several other books. He has spent decades shaping how engineers think about design, architecture, and process, and regularly publishes on his blog, MartinFowler.com.In this episode, we discuss how AI is changing software development: the shift from deterministic to non-deterministic coding; where generative models help with legacy code; and the narrow but useful cases for vibe coding. Martin explains why LLM output must be tested rigorously, why refactoring is more important than ever, and how combining AI tools with deterministic techniques may be what engineering teams need.We also revisit the origins of the Agile Manifesto and talk about why, despite rapid changes in tooling and workflows, the skills that make a great engineer remain largely unchanged.—Timestamps(00:00) Intro(01:50) How Martin got into software engineering (07:48) Joining Thoughtworks (10:07) The Thoughtworks Technology Radar(16:45) From Assembly to high-level languages(25:08) Non-determinism (33:38) Vibe coding(39:22) StackOverflow vs. coding with AI(43:25) Importance of testing with LLMs (50:45) LLMs for enterprise software(56:38) Why Martin wrote Refactoring (1:02:15) Why refactoring is so relevant today(1:06:10) Using LLMs with deterministic tools(1:07:36) Patterns of Enterprise Application Architecture(1:18:26) The Agile Manifesto (1:28:35) How Martin learns about AI (1:34:58) Advice for junior engineers (1:37:44) The state of the tech industry today(1:42:40) Rapid fire round—The Pragmatic Engineer deepdives relevant for this episode:• Vibe coding as a software engineer• The AI Engineering stack• AI Engineering in the real world• What changed in 50 years of computing—Production and marketing by ⁠⁠⁠⁠⁠⁠⁠⁠https://penname.co/⁠⁠⁠⁠⁠⁠⁠⁠. For inquiries about sponsoring the podcast, email podcast@pragmaticengineer.com. Get full access to The Pragmatic Engineer at newsletter.pragmaticengineer.com/subscribe
    Show More Show Less
    1 hr and 49 mins
No reviews yet
In the spirit of reconciliation, Audible acknowledges the Traditional Custodians of country throughout Australia and their connections to land, sea and community. We pay our respect to their elders past and present and extend that respect to all Aboriginal and Torres Strait Islander peoples today.