About Semgrep
We offer a code security platform for developers. Our platform brings together SAST (Static Application Security Testing), SCA (Software Composition Analysis), and secrets scanning, building protection into the development workflow. We combine static analysis with AI to detect, triage, and fix issues. Our customers report significantly fewer false positives (up to 80% less across code and supply chain, with 95% of findings validated by security reviewers from over 6 million results).
We scan source code to find security issues and help teams automate code standards, find vulnerable dependencies, and enforce security on pull requests. We also build and operate our own cloud infrastructure, using technologies like Kubernetes and AWS. We develop tools to protect software from vulnerable dependencies and integrate security workflows. Semgrep started in San Francisco in 2017. Snowflake, Dropbox, and Figma are among the organizations that use our platform.
Mission & Values
Our mission is to make it expensive to exploit software.
Team & Culture
Semgrep has 201-500 employees. The company fosters a diverse and inclusive culture with equal opportunity employment. Our engineering, product, and sales teams work together to build and deliver application security tools. Engineers design, implement, and deploy infrastructure projects, often managing them from start to finish.
Teams like Infrastructure, Supply Chain, and Security Workflows focus on different parts of the platform, such as building cloud platforms, protecting software from vulnerable dependencies, and creating cross-product integrations. Some roles require participation in on-call rotations to maintain high availability. The company is also expanding its support organization while keeping a strong focus on customer needs.
Benefits & Perks
We offer health plans, generous vacation time, and a 401(k) with company contributions. Employees also get learning stipends, equity, and competitive pay. We support remote work for eligible US-based roles and provide flexibility. Some positions may prefer occasional office presence or travel to our San Francisco or New York offices. We aim to support our employees’ well-being and long-term success.
Frequently Asked Questions
Semgrep offers an application security platform that includes AI-assisted SAST (Static Application Security Testing), SCA (Software Composition Analysis), and Secrets Detection. These solutions scan source code to identify and address security issues. The platform also provides tools to automate code standards, find vulnerable dependencies, enforce security on pull requests, and integrate into development workflows.
Semgrep’s mission is to make it expensive to exploit software.
Employee benefits include comprehensive health plans, generous vacation time, 401(k) with company contribution, learning stipends, equity and competitive compensation, and remote work options where applicable. The company also supports employee well-being and long-term success.
Semgrep operates with teams focused on areas such as Infrastructure, Supply Chain, and Security Workflows, where engineers collaborate with product managers and other engineers. The culture emphasizes diversity, inclusivity, and equal opportunity. Some roles involve on-call rotations and a focus on site-reliability practices. While some positions offer remote flexibility, others may have a preferred office presence or require occasional travel to offices.
Semgrep was founded in 2017.
Semgrep has 201-500 employees.
Semgrep hires in π¦πΊ Australia, πΈπ¬ Singapore, and πΊπΈ United States.
Semgrep is not actively hiring at the moment. Check back later for new opportunities.
Yes, Semgrep is a remote-first company.
Semgrep's website is semgrep.dev .
You can find Semgrep on X (Twitter) and LinkedIn .
Remote companies like Semgrep
Explore remote-first companies similar to Semgrep. Discover other top-rated employers that offer flexible schedules and work-from-anywhere options.
ReversingLabs
Develops enterprise cybersecurity products for malware analysis, threat intelligence, and software supply chain security.
boostsecurity.io
DevSecOps automation platform for application security management and software supply chain protection.
Milk Moovement
Cloud-based software for dairy supply chain management, assisting cooperatives, haulers, and processors
Endor Labs
An AppSec platform for software supply chain security, helping teams find, prioritize, and fix critical code risks faster.
Zone & Co
NetSuite-native financial operations platforms for billing, AP, and reporting workflows.
Trustonic
Provides device-locking technology and security solutions for connected devices, including Trusted Execution Environment (TEE).
Project: Career Search
Rev. 2026.3
[ Remote Jobs ]
Direct Access
We source jobs directly from 21,000+ company career pages. No intermediaries.
Discover Hidden Jobs
Unique jobs you won't find on other job boards.
Advanced Filters
Filter by category, benefits, seniority, and more.
Priority Job Alerts
Get timely alerts for new job openings every day.
Manage Your Job Hunt
Save jobs you like and keep a simple list of your applications.