Semgrep

Code security analysis platform
Last updated:
January 31, 2026
Company details
HQ
HEADCOUNT
100-499
ORG TYPE
Startup
SECTOR
Technology & Digital
About the company
Semgrep builds an application security platform and open source tools that help teams find and fix issues in source code, dependencies, and secrets. The company is best known for its static analysis roots, then expanding into supply chain security and developer-friendly security workflows. Many roles sit at the intersection of program analysis, cloud infrastructure, and product-led security. Semgrep hires across engineering and go-to-market, with an emphasis on hybrid hubs plus remote roles in specific regions.
Locations and presence
The company lists San Francisco as headquarters and also operates a New York office, alongside “Remote + Hybrid” hiring. Current job listings show hybrid expectations tied to hubs like Boston and Denver, not only San Francisco and New York.
Palpable Score
64.9
/ 100
Semgrep offers credible early-career entry points through internships and junior go-to-market roles with published compensation, plus role descriptions that show real learning alongside senior engineers. The score is capped by limited breadth in true 0–1 year roles and a lack of public, checkable early-career outcomes like promotion timelines, intern conversion rates, or retention.
Pillar 1: Early-career access

Score

11.3
/ 20
  • The company runs recurring internships and publishes intern write-ups that indicate an organized cohort rather than one-off placements.
  • Semgrep hires early-career sales talent through SDR roles that ask for around 1+ year of quota-based experience, which is a realistic first or second job move.
  • The company’s engineering job board is weighted toward senior and staff roles, and the few “Software Engineer” postings commonly ask for 2+ years, which narrows true entry-level access.
Pillar 2: Hiring fairness and transparency

Score

13.8
/ 20
  • The company posts concrete compensation ranges on multiple roles and explains an internal banding approach intended to reduce negotiation-driven inequity.
  • Semgrep’s job descriptions lay out location expectations in plain terms, including hybrid office days and, for some remote roles, state-by-state hiring constraints.
  • The company has mixed public interview feedback, including structured multi-stage loops and skills tests, but not enough consistent detail to confirm a reliably lightweight process for junior candidates.
Pillar 3: Learning and support

Score

13.3
/ 20
  • The company’s internship posts describe interns shipping meaningful work, including adding product features and collaborating with experienced engineers.
  • Semgrep’s engineering role descriptions explicitly frame working with senior and staff engineers, learning infrastructure best practices, and owning multi-week projects from design through maintenance.
  • The company mentions learning stipends and flexibility accommodations, but early-career onboarding and manager coaching expectations are not consistently spelled out role-by-role.
Pillar 4: Pay fairness and stability

Score

16.0
/ 20
  • The company publishes salary ranges for engineering and support roles and includes OTE ranges for SDR roles, which reduces early-career pay ambiguity.
  • Semgrep lists concrete baseline benefits on the careers site, including health, dental, and vision for dependents, unlimited PTO with mandated time off, and 401(k) retirement plans.
  • The company’s pay transparency is strong where roles are posted, but not every role publicly signals the same level of detail across all geographies, which limits predictability for candidates outside core hubs.
Pillar 5: Early-career outcomes

Score

10.5
/ 20
  • The company has a small but strongly positive set of public employee reviews that reference career opportunities and frequent promotions, which is a promising signal but not early-career specific.
  • Semgrep publishes multiple intern experience posts describing end-to-end project delivery and technical growth, but those posts do not state intern-to-full-time conversion outcomes.
  • The company does not publish early-career outcome metrics such as time-to-promotion (SDR to AE or junior engineer to mid-level), 12–24 month retention, or cohort progression, which caps confidence in outcomes.
Clear filters
Results
matched jobs
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
👀🔜 No results found — but we’re listening.
Send us a message about what you're looking for at john@bepalpable.com