< Back

Senior GRC Specialist, Customer Trust

Atlanta, US | IT

At JFrog, we’re reinventing DevOps to help the world’s greatest companies innovate -- and we want you along for the ride. This is a special place with a unique combination of brilliance, spirit and just all-around great people. Here, if you’re willing to do more, your career can take off. And since software plays a central role in everyone’s lives, you’ll be part of an important mission. Thousands of customers, including the majority of the Fortune 100, trust JFrog to manage, accelerate, and secure their software delivery from code to production -- a concept we call “liquid software.” Wouldn't it be amazing if you could join us in our journey?

We are seeking a Senior GRC Specialist, Customer Trust to join our growing GRC Team in Atlanta, Georgia.

In this role, you will support our sales, legal, and business colleagues through various GRC, Customer Trust oriented projects and initiatives including completing customer security assessments and audits of JFrog, working with the Legal team to negotiate security terms in contracts, meeting with customers directly to discuss JFrog’s security posture, and creating enablement materials to make sales teams and our customers successful as it relates to security & compliance. Additionally, this role will help build these competencies in the rest of the team and develop the maturity and scale of the Customer Trust program. 

This is a great opportunity to work closely with technical stakeholders to further build and scale our global customer-facing side Information Security and GRC programs. We are looking for a team player who brings a thoughtful, pragmatic mindset to overcoming challenges.

As a Senior GRC Specialist, Customer Trust in JFrog you will...

  • Maintain internal and external trust platforms, supporting ongoing customer due diligence activities including audits, questionnaires, and reviewing security contractual requirements.
  • Provide training and guidance to sales teams on compliance-related matters and develop tools and resources to enable the sales team to efficiently respond to compliance inquiries from prospective and existing customers.
  • Collaborate with cross-functional teams to support and enhance the overall GRC program.
  • Provide legal, sales, and marketing departments with technical security guidance regarding regulatory and data protection requirements.
  • Ensure company policies, procedures, and controls are aligned with regulatory requirements and industry standards.
  • Proactively gather customer feedback and stay abreast of industry trends to adapt and mature the GRC program accordingly.
  • Implement improvements and updates to the program based on regulatory changes and customer requirements.
  • Participating in risk assessment and risk management processes. 

To be a Senior GRC Specialist, Customer Trust in JFrog you need...

  • Minimum 5 years as an Information Security or Cyber Security GRC specialist, expert or consulting.
  • Deep understanding and hands-on experience with the security side of pre-sales and post-sales (customer security assessments, onsite audits, contract negotiations, etc)
  • Strong knowledge and hands-on experience with ISO 27001 and SOC 2 Type II 
  • Familiarity with additional security frameworks as well as privacy regulations and standards (NIST, CSA, CAIQ, SIG, GDPR, CCPA, ISO 27701) is an advantage.
  • Experience reviewing and redlining information security addendums
  • An excellent ability to communicate verbally and in writing
  • Ability to work on multiple projects simultaneously
  • Project management skills
  • Self-driven and fast learner with a can-do approach
  • Passionate about the team and responsibilities
  • Willingness to work a flexible schedule based on department and company needs. 
  • Experience auditing cloud environments
  • Experience working with regulators and auditors
  • Experience working with GRC tools

WHAT JFROG CAN OFFER…

  • At JFrog, base salary is only one component of our compensation package.
  • This position has a base salary range between $145,000 to $160,000.  Base salary will be based on your skills, qualifications, experience and location.
  • This position also includes an equity package of restricted stock units (RSU).  In addition, JFrog employees are eligible to participate in our Employee Stock Purchase Plan.
  • JFrog provides employees comprehensive benefits including medical, dental, vision, retirement, wellness and much more!
  • JFrog embraces hybrid work: 3 days in office / 2 days remote.
  • Additionally, this role may be eligible for discretionary bonuses or commission payments.

JFrog is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, creed, religion, sex, sexual orientation, national origin or nationality, ancestry, age, disability, gender identity or expression, marital status or any other category protected by law.

Apply Here

Do you have a legal right to work in the US?

Voluntary Self-Identification


For government reporting purposes, we ask candidates to respond to the below self-identification survey. Completion of the form is entirely voluntary. Whatever your decision, it will not be considered in the hiring process or thereafter. Any information that you do provide will be recorded and maintained in a confidential file.

As set forth in JFrog’s Equal Employment Opportunity policy, we do not discriminate on the basis of any protected group status under any applicable law.

If you believe you belong to any of the categories of protected veterans listed below, please indicate by making the appropriate selection. As a government contractor subject to the Vietnam Era Veterans Readjustment Assistance Act (VEVRAA), we request this information in order to measure the effectiveness of the outreach and positive recruitment efforts we undertake pursuant to VEVRAA. Classification of protected categories is as follows:

A "disabled veteran" is one of the following: a veteran of the U.S. military, ground, naval or air service who is entitled to compensation (or who but for the receipt of military retired pay would be entitled to compensation) under laws administered by the Secretary of Veterans Affairs; or a person who was discharged or released from active duty because of a service-connected disability.

A "recently separated veteran" means any veteran during the three-year period beginning on the date of such veteran's discharge or release from active duty in the U.S. military, ground, naval, or air service.

An "active duty wartime or campaign badge veteran" means a veteran who served on active duty in the U.S. military, ground, naval or air service during a war, or in a campaign or expedition for which a campaign badge has been authorized under the laws administered by the Department of Defense.

An "Armed forces service medal veteran" means a veteran who, while serving on active duty in the U.S. military, ground, naval or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985.

From CC-305 OMB Control Number 1250-0005 Expires 04/30/2026

Voluntary Self-Identification of Disability

Form CC-305
Page 1 of 1
OMB Control Number 1250-0005
Expires 04/30/2026

Why are you being asked to complete this form?

We are a federal contractor or subcontractor. The law requires us to provide equal employment opportunity to qualified people with disabilities. We have a goal of having at least 7% of our workers as people with disabilities. The law says we must measure our progress towards this goal. To do this, we must ask applicants and employees if they have a disability or have ever had one. People can become disabled, so we need to ask this question at least every five years.

Completing this form is voluntary, and we hope that you will choose to do so. Your answer is confidential. No one who makes hiring decisions will see it. Your decision to complete the form and your answer will not harm you in any way. If you want to learn more about the law or this form, visit the U.S. Department of Labor’s Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/ofccp.

How do you know if you have a disability?

A disability is a condition that substantially limits one or more of your “major life activities.” If you have or have ever had such a condition, you are a person with a disability. Disabilities include, but are not limited to:

  • Alcohol or other substance use disorder (not currently using drugs illegally)
  • Autoimmune disorder, for example, lupus, fibromyalgia, rheumatoid arthritis, HIV/AIDS
  • Blind or low vision
  • Cancer (past or present)
  • Cardiovascular or heart disease
  • Celiac disease
  • Cerebral palsy
  • Deaf or serious difficulty hearing
  • Diabetes
  • Disfigurement, for example, disfigurement caused by burns, wounds, accidents, or congenital disorders
  • Epilepsy or other seizure disorder
  • Gastrointestinal disorders, for example, Crohn's Disease, irritable bowel syndrome
  • Intellectual or developmental disability
  • Mental health conditions, for example, depression, bipolar disorder, anxiety disorder, schizophrenia, PTSD
  • Missing limbs or partially missing limbs
  • Mobility impairment, benefiting from the use of a wheelchair, scooter, walker, leg brace(s) and/or other supports
  • Nervous system condition, for example, migraine headaches, Parkinson’s disease, multiple sclerosis (MS)
  • Neurodivergence, for example, attention-deficit/hyperactivity disorder (ADHD), autism spectrum disorder, dyslexia, dyspraxia, other learning disabilities
  • Partial or complete paralysis (any cause)
  • Pulmonary or respiratory conditions, for example, tuberculosis, asthma, emphysema
  • Short stature (dwarfism)
  • Traumatic brain injury

PUBLIC BURDEN STATEMENT: According to the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless such collection displays a valid OMB control number. This survey should take about 5 minutes to complete.