
Cybersecurity • SaaS
Semgrep is an application security company that provides a SaaS AppSec platform focused on static application security testing (SAST), software composition analysis (SCA) for supply chain vulnerabilities, and secrets detection. It combines fast, code-aware rule-based scanning, community and managed rules, and AI-powered triage and fix recommendations to reduce false positives and integrate security feedback into developer workflows and CI/CD pipelines. Semgrep's products and engine are designed to help engineering and security teams automate, scale, and operationalize security across organizations.
November 25
🌵 Arizona – Remote
🏄 California – Remote
+19 more states
💵 $147.5k - $199.5k / year
⏰ Full Time
🔴 Lead
👮♂️ Cybersecurity / Security Engineer

• Partner with security researchers to investigate emerging security trends and patterns, transforming complex findings into easily understandable and actionable insights that resonate with security and developer audiences.
• Build and maintain credibility as a trusted security voice by publishing original research, proof-of-concepts, and detailed analysis.
• Amplify discoveries and messages through compelling story narratives and real-world demonstrations.
• Address critical security education gaps within developer and security ecosystems.
• Produce high-impact technical content including conference presentations, in-depth blog posts, video tutorials, and short-form community engagement on social channels and forums.
• Establish Semgrep as the go-to solution for secure coding by engaging authentically with security practitioners and software development teams wherever they are.
• Lead technical workshops and hands-on training sessions that demonstrate practical security risks and remediation using Semgrep tools.
• Cultivate relationships with other influencers within DevSecOps and AppSec communities to expand your reach and gather intelligence.
• Support internal teammates to be the best version of themselves by sharing your knowledge and best practices across functions.
• Serve as the voice of the community within Semgrep, translating user pain points and opportunities into product enhancement opportunities.
• Support engineering and product teams to beta test and provide comprehensive user experience feedback.
• 8+ years of hands-on keyboard experience identifying, analyzing, and remediating security vulnerabilities across web applications, cloud infrastructure, and APIs.
• Proven track record of security research contributions such as CVE discoveries, security advisories, or published research.
• Deep understanding of OWASP Top 10, secure coding practices, and common vulnerability classes as well as application security testing methodologies (SAST, DAST, IAST) with familiarity of strengths and limitations.
• Strong programming skills in multiple languages commonly used in enterprise development (Python, JavaScript, Java, Go, etc.).
• Experience with modern development workflows and methodologies including CI/CD pipelines, containerization, infrastructure as code, cloud deployment, and generative AI.
• Exceptional written and verbal communication abilities with a portfolio of technical content delivered to technical audiences.
• Proven public speaking experience at industry conferences, meetups, or similar events.
• Previous developer relations role such as a developer advocate, technical evangelist, or similar public-facing community position.
• Comprehensive health plans
• Generous vacation time
• 401k
• Learning stipends
• Equity