Staff Security Advocate

Summary

Join Semgrep's Security Advocacy team and drive awareness and preference for Semgrep within application security and software development communities. As a Security Advocate, you will educate teams on secure coding, activate them through product onboarding, and encourage community champions. You will partner with security researchers, create compelling content (presentations, blog posts, videos), build community engagement, and serve as the voice of the community within Semgrep. This remote-friendly role requires 8+ years of hands-on security experience, proven research contributions, deep understanding of security best practices, strong programming skills, and exceptional communication abilities. The role involves travel and offers a competitive salary ($147,500 - $199,500) plus equity and benefits including comprehensive health plans, generous vacation time, 401k, and learning stipends.

Requirements

• 8+ years of hands-on keyboard experience identifying, analyzing, and remediating security vulnerabilities across web applications, cloud infrastructure, and APIs
• Proven track record of security research contributions such as CVE discoveries, security advisories, or published research
• Deep understanding of OWASP Top 10, secure coding practices, and common vulnerability classes as well as application security testing methodologies (SAST, DAST, IAST) with familiarity of strengths and limitations
• Strong programming skills in multiple languages commonly used in enterprise development (Python, JavaScript, Java, Go, etc.)
• Experience with modern development workflows and methodologies including CI/CD pipelines, containerization, infrastructure as code, cloud deployment, and generative AI
• Ability to translate complex technical concepts into business value or user-friendly explanations
• Exceptional written and verbal communication abilities with a portfolio of technical content delivered to technical audiences
• Proven public speaking experience at industry conferences, meetups, or similar events
• Experience building and nurturing technical communities through contributions, organization, and online engagement
• Be able to speak with compassion and empathy to everybody from the CTO/CISO to Software Developer/Intern/Security Engineer
• Previous developer relations role such as a developer advocate, technical evangelist, or similar public-facing community position

Responsibilities

• Partner with security researchers to investigate emerging security trends and patterns, transforming complex findings into easily understandable and actionable insights that resonate with security and developer audiences
• Build and maintain credibility as a trusted security voice by publishing original research, proof-of-concepts, and detailed analysis
• Amplify discoveries and messages through compelling story narratives and real-world demonstrations
• Address critical security education gaps within developer and security ecosystems
• Produce high-impact technical content including conference presentations, in-depth blog posts, video tutorials, and short-form community engagement on social channels and forums
• Establish Semgrep as the go-to solution for secure coding by engaging authentically with security practitioners and software development teams wherever they are
• Lead technical workshops and hands-on training sessions that demonstrate practical security risks and remediation using Semgrep tools
• Cultivate relationships with other influencers within DevSecOps and AppSec communities to expand your reach and gather intelligence
• Support internal teammates to be the best version of themselves by sharing your knowledge and best practices across functions
• Serve as the voice of the community within Semgrep, translating user pain points and opportunities into product enhancement opportunities
• Support engineering and product teams to beta test and provide comprehensive user experience feedback

Benefits

• Salary Range: $147,500 - $199,500
• Our compensation package includes equity and benefits in addition to salary
• Comprehensive health plans
• Generous vacation time
• 401k
• Learning stipends