Semgrep

Develop and manage technical content strategies, create engaging content across multiple formats, and collaborate with teams to amplify brand authority in application security. | 5+ years in technical content marketing, strong editorial skills, deep understanding of SEO/AEO, experience with social media and analytics, and excellent project management skills. | About Semgrep Semgrep, the leader in code security for builders, empowers invention without friction. Teams catch, flag, and fix real issues before they ship, powered by security that learns as they build. Semgrep secures code as it’s written and provides guardrails that pave the road for developers to move fast and stay secure. Built for builders and trusted by security, Semgrep lives where developers work, delivering fixes without breaking flow, and giving security teams visibility, control, and confidence. Semgrep gets smarter as you build, with AI that learns your context to cut false positives and prioritize reachable vulnerabilities, validated by 95% of security reviewers across 6M+ findings. Semgrep makes zero false positives a reality with AppSec teams triaging 80% fewer false positives across Code and Supply Chain, dramatically shrinking the backlog. Founded in San Francisco and backed by Menlo Ventures, Felicis Ventures, Lightspeed Venture Partners, Redpoint Ventures, and Sequoia Capital, Semgrep is recognized by Gartner in Application Security Testing and is trusted by leading organizations, including Snowflake, Dropbox, and Figma. Learn more at semgrep.dev. About the role: We’re looking for a Sr. Technical Content Marketing Manager to scale our content strategy in the dynamic world of application security. This role will be perfect for someone who thrives on making an impact by transforming technical expertise into compelling stories, improving systems for cross-functional repeatability, and ensuring content is the fuel for measurable outcomes. You’ll shape the tone of voice for public technical communications, manage the editorial calendar, and orchestrate content across teams and channels. From long-form research reporting to high-impact social campaigns, your work will amplify demand generation, brand awareness, and community engagement. The ideal candidate is both a storyteller and an operator – someone who understands how to craft content that builds trust and authority in the security community while also optimizing for SEO, AEO, and social media engagement. What you’ll do Shape and scale our voice: Define, document, and champion a consistent tone and style that reflects our brand’s authority in security software. Create differentiation through technical thought leadership on the most compelling trends at the intersection of artificial intelligence and appsec which motivates prospects to reach out to us and learn more. Editorial leadership: Manage the editorial calendar, ensuring a steady pipeline of public-facing content across channels and formats (blog posts, guides, cheat sheets, whitepapers, video scripts, and social posts). Guide production from idea to publication for original vulnerability research, annual industry reports, and incidents (CVEs) to elevate our brand identity. Cross-functional collaboration: Partner with product, engineering, security research, sales engineering and the broader marketing team to source ideas and contributions, translating technical expertise into engaging, accessible content that resonates with security professionals. Integrate with PR/AR to facilitate alignment with our overall communications strategy. SEO & AEO growth strategy: Leverage SEO and AEO best practices to drive awareness for various forms of content. Social media engagement: Work with the broader marketing team to publish and amplify content across platforms, growing reach and community interactions. Project management: Keep multiple initiatives running smoothly and on time, from kickoff to final draft to promotion. Implement a lifecycle to ensure content remains relevant, current, and aligned to evolving business needs. Experiment with AI tooling and automation to speed content creation, help with management, and add predictability to workflows. Reporting: Own, measure, and report on content-related KPIs such as engagement metrics, traffic growth, and proactively share this knowledge with stakeholders to guide to decision-making. You are ideal for this role if you have 5+ years of experience in technical content marketing, ideally in B2B SaaS or application security/technology. Strong editorial instincts with proven ability to create content that resonates with both technical and business audiences. Deep understanding of SEO best practices and the evolution of AEO. Familiarity with social media and security trends, community engagement strategies, and analytics tools. Be creative and bold. Exceptional organizational skills and experience managing projects with multiple stakeholders. Comfort working in a fast-paced, highly collaborative environment. Analytical and precise to derive metrics and report insights about customer trust, adoption, and retention tied to prioritizing content. Compensation Salary Range: $147,500 - $173,500 Our compensation package includes equity and benefits in addition to salary. Please note that the range listed is for someone based in the San Francisco Bay Area. What we offer Our goal is to competitively and fairly compensate every Semgrep employee with a system that equally rewards those who are vocal and those who are less comfortable making demands during the final steps of the hiring process. To that end, we generate internal compensation bands that are used when discussing and negotiating salaries. We update these based on market data to make sure they’re above the average for comparable roles. We also invest in our employees’ well-being and long term success with comprehensive health plans, generous vacation time, 401k, learning stipends, and more. Our benefits are for everyone, so that you’re taken care of, and we work with individuals to make sure they have what they need, whether that’s quiet work space, adjusted hours, or something else. Who we are We have people from France and the Philippines, physics and philosophy, formal methods research and full fledged corporations. We’re new parents and new grads, aspiring authors and aspiring Americans, dog lovers and dogfooders. We get together often to bike, bake, and meet up in parks. In our interactions, we believe respect and honesty go hand in hand, and prioritize both. Semgrep is an equal-opportunity employer seeking a diverse range of backgrounds. We value who you are — including your cultural heritage, your socioeconomic status, your age, your race, your gender, your sexual orientation, your disabilities. We value what’s vitally important to you — your family, your religion, your politics. We value what you love in this world — your music, your weekend pursuits. We believe in welcoming varied professional backgrounds, educations, and interests. If you’re exceptional in your role, believe in Semgrep’s mission, and treat Semgrep’s values as your own, you belong here. Please Note: For US-based roles open to remote work, we are currently able to hire employees in the following states only: Arizona, California, Colorado, Connecticut, District of Columbia, Florida, Georgia, Illinois, Maryland, Massachusetts, Michigan, Missouri, Nebraska, New Jersey, New York, North Carolina, Oregon, Tennessee, Texas, Virginia, Washington, and Wisconsin.

Develop and refine AI/ML-powered security tools, integrate AI APIs, and contribute to product development and experimentation. | 5+ years of experience in production software, strong Python skills, experience with AI/ML, and interest in prompt engineering and vector databases. | About Semgrep Our mission is to make world-class software security available to everyone. This means building program analysis tools that are open source, easy to use, powerful, and fast. It also means building a team with security expertise and a passion for great developer experiences. Most of all, it means working with honesty and respect in a diverse community of dreamers and builders. We’ve redefined static analysis tooling by committing to all of these, and turned our project, Semgrep, into an essential safeguard for code at Snowflake, Dropbox, and more. About the role As an AI product engineer on Semgrep’s Code team, you’ll apply cutting-edge AI/ML tools from industry leaders (e.g. OpenAI, Anthropic, Hugging Face, Amazon, Google) to build user-facing security tools that help developers write and ship secure software faster. Semgrep’s Code product improves the software developers create by identifying real vulnerabilities without slowing them down. Other security tools often overwhelm developers with noise, but we deliver actionable, accurate, and intuitive results. AI has already had a profound effect on how we can cut through that noise, and we believe it will unlock even more potential in the future. You’ll learn about the application-security space, mentor other engineers, collaborate with product managers, security researchers, and application developers, and shape features our customers love. Through Semgrep’s culture of transparency, you’ll see and influence the decisions that make a startup successful. Your work will be key to making Semgrep the world’s leading code analysis project and trusted security platform. You will: • Integrate AI platform APIs into the Code product • Develop and refine LLM prompt chains for real developer use cases • Experiment with the latest AI/ML advances and determine how they can be productized • Evaluate and fine-tune ML models using human- and machine-generated data • Learn directly from users to understand their needs and deliver features that help them secure their code • Work on major product initiatives end-to-end, from design and prototyping through implementation and deployment • Contribute to technical discussions, roadmap planning, and mentoring within the team You are ideal for this role if you have: • 5+ years of experience writing production software • Curiosity and a love of new technologies, especially AI/ML • Experience experimenting with GPT-4/GPT-5, Codex, Claude, or other LLMs; familiarity with ML algorithms and applied research • Comfort working in a fast-paced environment where prototypes are rapidly iterated or discarded • Strong Python skills (experience with other languages a plus) • Interest in prompt engineering, embeddings, and vector databases • Excitement about building for customers, iterating fast, and seeing solutions solve real developer problems • Excellent and proactive communication skills, both verbal and written Some example projects you might work on include: • Building new detection capabilities that utilize fast, deterministic static analysis technologies within an autonomous LLM-driven agentic code analysis pipeline • Identifying causes of and solving for non-determinism in model output • Generating real-time, AI-powered remediation guidance for vulnerabilities in developers’ own code • Automatically drafting secure code suggestions that align with project context and frameworks • Building and orchestrating purpose-built custom agents for evaluating and triaging code security risks • Enhancing the IDE experience with AI-assisted security insights and explanations • Experimenting with AI-powered rule generation to help customers expand and tailor their Code product usage Compensation Salary Range: $176,000 - $207,000 Our compensation package includes equity and benefits in addition to salary. Please note that the range listed is for someone based in the San Francisco Bay Area. What we offer Our goal is to competitively and fairly compensate every Semgrep employee with a system that equally rewards those who are vocal and those who are less comfortable making demands during the final steps of the hiring process. To that end, we generate internal compensation bands that are used when discussing and negotiating salaries. We update these based on market data to make sure they’re above the average for comparable roles. We also invest in our employees’ well-being and long term success with comprehensive health plans, generous vacation time, 401k, learning stipends, and more. Our benefits are for everyone, so that you’re taken care of, and we work with individuals to make sure they have what they need, whether that’s quiet work space, adjusted hours, or something else. Who we are We have people from France and the Philippines, physics and philosophy, formal methods research and full fledged corporations. We’re new parents and new grads, aspiring authors and aspiring Americans, dog lovers and dogfooders. We get together often to bike, bake, and meet up in parks. In our interactions, we believe respect and honesty go hand in hand, and prioritize both. Semgrep is an equal-opportunity employer seeking a diverse range of backgrounds. We value who you are — including your cultural heritage, your socioeconomic status, your age, your race, your gender, your sexual orientation, your disabilities. We value what’s vitally important to you — your family, your religion, your politics. We value what you love in this world — your music, your weekend pursuits. We believe in welcoming varied professional backgrounds, educations, and interests. If you’re exceptional in your role, believe in Semgrep’s mission, and treat Semgrep’s values as your own, you belong here. Please Note: For US-based roles open to remote work, we are currently able to hire employees in the following states only: Arizona, California, Colorado, Connecticut, District of Columbia, Florida, Georgia, Illinois, Maryland, Massachusetts, Michigan, Missouri, Nebraska, New Jersey, New York, North Carolina, Oregon, Tennessee, Texas, Virginia, Washington, and Wisconsin.