Staff Security Advocate

at Semgrep
  • $147k-$199k
  • Remote - Worldwide

Remote

Cybersecurity

Mid-level

Job description

About Semgrep

Semgrep is on a mission to make it expensive to exploit software. As the team behind the most popular SAST, we built the Semgrep AppSec Platform to deliver industry-leading code, dependency, and secrets scanning to enable organizations to ship secure code quickly without slowing down development.

With fast, customizable code analysis across large codebases, Semgrep helps teams catch vulnerabilities early and fix them faster. Leading companies like Snowflake, Plaid, Figma, Lyft, and Dropbox rely on Semgrep to secure their software.

Semgrep is funded by top investors, including Felicis Ventures, Lightspeed Venture Partners, Menlo Ventures, Redpoint Ventures, and Sequoia Capital.

About the role

The Semgrep Security Advocacy team drives awareness and preference for Semgrep within both application security and software development communities. A Security Advocate will educate teams on secure coding, activate them through delightful product onboarding experiences, and encourage community champions to become force-multipliers that amplify our messages. We work extremely hard but also bring the fun to cross- fun ctional.

Location expectations:

  • This role is remote friendly, with some travel expected.

Prior experience in a fast-paced, tech environment is helpful, but we are more interested in your curiosity and passion for learning and technical skills than your pedigree. So if this opportunity excites you but you don’t meet the exact requirements, apply anyway!

What you’ll do

Security Research & Thought Leadership

  • Partner with security researchers to investigate emerging security trends and patterns, transforming complex findings into easily understandable and actionable insights that resonate with security and developer audiences.
  • Build and maintain credibility as a trusted security voice by publishing original research, proof-of-concepts, and detailed analysis.

Content Creation

  • Amplify discoveries and messages through compelling story narratives and real-world demonstrations.
  • Address critical security education gaps within developer and security ecosystems.
  • Produce high-impact technical content including conference presentations, in-depth blog posts, video tutorials, and short-form community engagement on social channels and forums.

Community Building & Evangelism

  • Establish Semgrep as the go-to solution for secure coding by engaging authentically with security practitioners and software development teams wherever they are.
  • Lead technical workshops and hands-on training sessions that demonstrate practical security risks and remediation using Semgrep tools.
  • Cultivate relationships with other influencers within DevSecOps and AppSec communities to expand your reach and gather intelligence.
  • Support internal teammates to be the best version of themselves by sharing your knowledge and best practices across functions.

Product Feedback Loop

  • Serve as the voice of the community within Semgrep, translating user pain points and opportunities into product enhancement opportunities.
  • Support engineering and product teams to beta test and provide comprehensive user experience feedback.

You are ideal for this role if you have

Technical Security Expertise

  • 8+ years of hands-on keyboard experience identifying, analyzing, and remediating security vulnerabilities across web applications, cloud infrastructure, and APIs.
  • Proven track record of security research contributions such as CVE discoveries, security advisories, or published research.
  • Deep understanding of OWASP Top 10, secure coding practices, and common vulnerability classes as well as application security testing methodologies (SAST, DAST, IAST) with familiarity of strengths and limitations.

Software Development & Tools

  • Strong programming skills in multiple languages commonly used in enterprise development (Python, JavaScript, Java, Go, etc.).
  • Experience with modern development workflows and methodologies including CI/CD pipelines, containerization, infrastructure as code, cloud deployment, and generative AI.

Communication & Advocacy Skills

  • Ability to translate complex technical concepts into business value or user-friendly explanations.
  • Exceptional written and verbal communication abilities with a portfolio of technical content delivered to technical audiences.
  • Proven public speaking experience at industry conferences, meetups, or similar events.
  • Experience building and nurturing technical communities through contributions, organization, and online engagement.
  • Be able to speak with compassion and empathy to everybody from the CTO/CISO to Software Developer/Intern/Security Engineer.
  • Previous developer relations role such as a developer advocate, technical evangelist, or similar public-facing community position.

Compensation

Salary Range: $147,500 - $199,500

Our compensation package includes equity and benefits in addition to salary.

Please note that the range listed is for someone based in the San Francisco Bay Area.

What we offer

Our goal is to competitively and fairly compensate every Semgrep employee with a system that equally rewards those who are vocal and those who are less comfortable making demands during the final steps of the hiring process. To that end, we generate internal compensation bands that are used when discussing and negotiating salaries. We update these based on market data to make sure they’re above the average for comparable roles.

We also invest in our employees’ well-being and long term success with comprehensive health plans, generous vacation time, 401k, learning stipends, and more. Our benefits are for everyone, so that you’re taken care of, and we work with individuals to make sure they have what they need, whether that’s quiet work space, adjusted hours, or something else.

Who we are

We have people from France and the Philippines, physics and philosophy, formal methods research and full fledged corporations. We’re new parents and new grads, aspiring authors and aspiring Americans, dog lovers and dogfooders. We get together often to bike, bake, and meet up in parks. In our interactions, we believe respect and honesty go hand in hand, and prioritize both.

Semgrep is an equal-opportunity employer seeking a diverse range of backgrounds. We value who you are — including your cultural heritage, your socioeconomic status, your age, your race, your gender, your sexual orientation, your disabilities. We value what’s vitally important to you — your family, your religion, your politics. We value what you love in this world — your music, your weekend pursuits. We believe in welcoming varied professional backgrounds, educations, and interests. If you’re exceptional in your role, believe in Semgrep’s mission, and treat Semgrep’s values as your own, you belong here.

Share this job:
Please let Semgrep know you found this job on Remote First Jobs 🙏

Similar Remote Jobs

Latest Jobs at Semgrep

Benefits of using Remote First Jobs

Discover Hidden Jobs

Unique jobs you won't find on other job boards.

Advanced Filters

Filter by category, benefits, seniority, and more.

Priority Job Alerts

Get timely alerts for new job openings every day.

Manage Your Job Hunt

Save jobs you like and keep a simple list of your applications.

Search remote, work from home, 100% online jobs

We help you connect with top remote-first companies.

Search jobs

Hiring remote talent? Post a job

Frequently Asked Questions

What makes Remote First Jobs different from other job boards?

Unlike other job boards that only show jobs from companies that pay to post, we actively scan over 20,000 companies to find remote positions. This means you get access to thousands more jobs, including ones from companies that don't typically post on traditional job boards. Our platform is dedicated to fully remote positions, focusing on companies that have adopted remote work as their standard practice.

How often are new jobs added?

New jobs are constantly being added as our system checks company websites every day. We process thousands of jobs daily to ensure you have access to the most up-to-date remote job listings. Our algorithms scan over 20,000 different sources daily, adding jobs to the board the moment they appear.

Can I trust the job listings on Remote First Jobs?

Yes! We verify all job listings and companies to ensure they're legitimate. Our system automatically filters out spam, junk, and fake jobs to ensure you only see real remote opportunities.

Can I suggest companies to be added to your search?

Yes! We're always looking to expand our listings and appreciate suggestions from our community. If you know of companies offering remote positions that should be included in our search, please let us know. We actively work to increase our coverage of remote job opportunities.

How do I apply for jobs?

When you find a job you're interested in, simply click the 'Apply Now' button on the job listing. This will take you directly to the company's application page. We kindly ask you to mention that you found the position through Remote First Jobs when applying, as it helps us grow and improve our service 🙏

Apply