Growth Engineer (Senior) - Remote, PLG & Monetization

Semgrep's journey began with a clear and ambitious mission: to fundamentally improve software security and reliability. Founded in 2017 by Isaac Evans, Drew Dennison, and Luke O'Malley, the company, initially known as r2c, recognized a critical gap in the application security landscape. While large tech companies had the resources to build sophisticated, custom security tooling, many other organizations struggled with tools that were often noisy, difficult to integrate, and didn't align well with developer workflows. The founders envisioned a new approach, one that empowered developers to write secure code from the outset, rather than treating security as an afterthought or a bottleneck.

A pivotal moment in Semgrep's evolution was the decision to build upon and significantly enhance an open-source project called sgrep, which itself had roots in tools developed at Facebook. This commitment to open-source principles became a cornerstone of Semgrep's philosophy. By 2020, this revitalized project was launched as Semgrep, offering a powerful yet intuitive static analysis tool. The core idea was to make security analysis feel like a natural extension of a developer's existing toolkit – fast, customizable, and capable of understanding code semantics without requiring developers to become security experts. This developer-first approach quickly gained traction, attracting a vibrant community and adoption by leading technology companies. Semgrep's platform has since expanded to include solutions for Software Composition Analysis (SCA) and secrets detection, all integrated into a unified AppSec Platform designed to provide high-fidelity findings and streamline the process of securing code throughout the development lifecycle. The company continues to innovate, incorporating AI to further reduce false positives and provide actionable remediation advice, staying true to its founding goal of making robust application security accessible to all.