IR SecOps Engineer

Atlanta, US | Security

At JFrog, we’re reinventing DevOps to help the world’s greatest companies innovate -- and we want you along for the ride. This is a special place with a unique combination of brilliance, spirit and just all-around great people. Here, if you’re willing to do more, your career can take off. And since software plays a central role in everyone’s lives, you’ll be part of an important mission. Thousands of customers, including the majority of the Fortune 100, trust JFrog to manage, accelerate, and secure their software delivery from code to production -- a concept we call “liquid software.” Wouldn't it be amazing if you could join us in our journey?

As a IR SecOps Engineer at JFrog, you will lead the response process regarding security threats facing the company. You will help further develop the Incident Response program that protects JFrog today and towards the future. We are looking for an experienced, highly motivated leader that embraces the opportunity to influence and evangelize security across the organization.

As an IR SecOps Engineer in JFrog you will…

  • Drive key business KPI’s
  • Plan, design, build, and execute JFrog’s security engineering operations
  • Deliver accurate and timely security investigations and responses
  • Perform incident triage by determining scope, urgency, and potential impact thereafter identifying the specific vulnerability while recommending actions for expeditious remediation
  • Partner with teams in the company to drive holistic and comprehensive fixes for systemic issues
  • Identify new security threats by conducting continuous monitoring, vulnerability assessments and log analysis
  • Provide On-call security support as needed

To be a IR SecOps Engineer in JFrog you need…

  • US Citizenship and current residency - A must
  • 2+ years in incident response team
  • 5+ years information security hands-on experience, preferably as part of SOC/IR (tier 3/4)
  • Ability to take decisions and manage critical incidents under pressure
  • Proven experience with investigating cloud security incidents on AWS/GCP/Azure following well-known industry standards/framework/benchmark (MITRE, NIST, CIS or equivalent) 
  • In-depth understanding of SIEM technology (ELK)
  • Proven experience with creating incident response workflows, processes and playbooks with defined SLAs and reflecting it to company’s stakeholders (e.g. Executive management)
  • Proven experience with automating security flows (SOAR) and threat intelligence
  • Ability to lead projects such as security controls evaluation and integration
  • Knowledge on securing/monitoring containerized environments (Docker, K8s)  - An advantage
  • Familiarity with multiple regulation and compliance standards such as ISO27001, FedRAMP, FIPS , SOC 2.0, GDPR, HIPAA)
  • Experience building a Security Operations team knowledgeable of FedRAMP and its requirements
  • Ability to work in a team environment
  • Excellent interpersonal skills with the ability to engage and discuss technical and business risk caused by security issues with business and legal partners at all levels


JFrog is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, creed, religion, sex, sexual orientation, national origin or nationality, ancestry, age, disability, gender identity or expression, martial status or any other category protected by law.

Apply Here

Do you have a legal right to work in the US?