Semgrep Product Security Jobs (NOW HIRING)

Security Engineer

San Francisco, CA · On-site

$150K - $250K/yr

Corridor is changing the game of product security, giving developers the ability to secure their AI ... Familiarity with security tools such as Burp Suite, Semgrep, OWASP ZAP, or similar security testing ...

Senior Product Security Engineer

San Francisco, CA · On-site

$134K - $185K/yr

Production experience with application security tooling (SAST, DAST, SCA) and CI/CD integration (e.g., Semgrep, OWASP ZAP, Burp, GitLab) * Knowledge of runtime application security and observability ...

Application Security Engineer

Manhattan, NY · On-site

$64.75 - $86.50/hr

... or product lines. • Hands-on experience deploying and operating modern AppSec tooling (e.g., Semgrep, Snyk, Checkmarx, Veracode, Apiiro, Ox Security, GitHub Advanced Security). • Working code ...

Senior Application Security Engineer II

Seattle, WA · On-site

$130K - $178K/yr

Reports to: Senior Product Security Manager Direct Reports: None * Integrate Security into ... Hands-on experience with security tools like Snyk, Semgrep, or similar. * Ability to simplify and ...

Semgrep Product Security information

$51.5K

$159.4K

$197K

How much do Semgrep Product Security jobs pay per year?

As of Jun 10, 2026, the average yearly pay for Semgrep Product Security roles in the United States is $159,405.00, according to ZipRecruiter salary data. Most workers in this role earn between $141,000.00 and $197,000.00 per year, depending on experience, location, and employer.

What is Semgrep Product Security?

Semgrep Product Security refers to the use of the Semgrep tool and platform to help development and security teams find and fix security vulnerabilities in code. Semgrep is a code analysis tool that enables customizable, fast, and automated scanning of source code for security issues, coding errors, and policy violations. Product Security teams use Semgrep to integrate security checks into their development lifecycle, ensuring that products are secure by design and compliant with industry standards. This enhances the overall security posture of organizations and helps developers catch issues early.

What are the key skills and qualifications needed to thrive as a Semgrep Product Security professional, and why are they important?

To thrive in Semgrep Product Security, you need expertise in application security, code analysis, and vulnerability assessment, often backed by experience with secure software development and a relevant technical degree. Familiarity with Semgrep and other static application security testing (SAST) tools and knowledge of programming languages like Python or JavaScript are crucial, and certifications such as OSCP or CISSP are advantageous. Strong analytical thinking, attention to detail, and clear communication skills help you effectively identify, explain, and remediate security issues in collaboration with development teams. These competencies are essential to proactively safeguard products, reduce risk, and maintain trust in fast-evolving software environments.

How does a Semgrep Product Security professional typically collaborate with development teams to enhance software security?

A Semgrep Product Security professional works closely with development teams by integrating security checks early in the software development lifecycle. They use Semgrep to identify vulnerabilities in code during code reviews and CI/CD processes, providing actionable feedback to developers. This role often involves conducting security trainings, writing security policies, and supporting developers in remediating issues, fostering a culture of secure coding. Regular collaboration ensures that security is embedded into every stage of product development and that teams are empowered to address risks proactively.

Security Engineer

Corridor Security Inc

San Francisco, CA • On-site

$150K - $250K/yr

Full-time

Posted 12 days ago


Job description

Overview
AI has changed software development. Security hasn't caught up - until now. Corridor is changing the game of product security, giving developers the ability to secure their AI coding.
Our team operates at the intersection of AI and cybersecurity. We've led security at some of the world's largest companies, driven U.S. cybersecurity policy, and published AI research at Stanford.
As Corridor grows, we're hiring a Security Engineer to strengthen both our customers' security posture and our own. This is a highly technical role focused on working directly with customers to implement secure coding practices, hardening Corridor's internal systems, and supporting our compliance efforts.
This role reports to our CPO/CSO.
What You'll Do
Drive Customer Security Success
  • Work directly with customers to understand their codebases and help them implement secure coding guardrails.
  • Improve Corridor's detection and remediation capabilities based on real-world customer environments.
  • Partner with customers to demonstrate security value and outcomes.

Secure Corridor's Systems
  • Harden Corridor's software and infrastructure through threat modeling, code review, and red teaming.
  • Identify vulnerabilities and work with engineering to drive resolution.
  • Monitor Corridor's production and IT systems, investigate anomalies, and respond to incidents.
  • Contribute to security documentation, policies, and incident response procedures.

Support Compliance
  • Partner with the CISO on compliance requirements including SOC 2, ISO 27001, and customer security questionnaires.
  • Help maintain and improve Corridor's security posture as we scale.

Qualifications
  • At least 2 years of experience on a corporate application security or corporate security team.
  • Experience with cloud security (AWS, GCP, or Azure).
  • Familiarity with security tools such as Burp Suite, Semgrep, OWASP ZAP, or similar security testing tools.
  • Ability to clearly communicate technical concepts to both engineers and non-engineers.
  • High ownership mindset and ability to operate autonomously.
  • BS in Computer Science or equivalent practical experience.

Nice to Have
  • Experience with Datadog or similar observability platforms.
  • Familiarity with compliance frameworks (SOC 2, ISO 27001, PCI-DSS, FedRAMP).
  • Contributions to open source security tools or research.