CTO Office

IR Security Engineer

We are looking for an IR Security Engineer:

At JFrog, you will have the opportunity to build the future of DevOps for some of the most innovative and successful organizations in the world, including Netflix, Amazon, LinkedIn, Yahoo, Google, SalesForce, Cisco, EA, Spotify, Twitter, Oracle, VMware, and EMC. Beyond any specific perk, what we believe matters most is creating an open and positive work environment where everyone has a voice and everyone matters.

This is a hands-on role in a dynamic and fast-paced environment. In this role you will be responsible for responding to security threats facing the company. You will help further develop the incident response program and automation that protects JFrog today and tomorrow. An ideal candidate is an experienced, highly motivated leader who embraces the opportunity to influence and evangelize security across the organization.

If you love working with brilliant people, being part of an energetic team, changing the world of software and you’ve got the technical skills, you might be the perfect Frog to join our Swamp! Come and help us to continue to lead the rapidly evolving space of Continuous Integration and Delivery!

Responsibilities

  • Analyze data, such as logs or packet captures, from various sources within the enterprise and draw conclusions regarding past and future security incidents
  • Lay the foundation for automating security operations by creating playbooks and flows based on the outcomes of security incidents
  • Deliver accurate and timely security investigations and responses
  • Document incidents from initial detection through final resolution
  • Maintain and expand related information security metrics
  • Build and maintain detection and prevention tools and techniques
  • Find and fix security vulnerabilities

Desired Skills and Experience

  • 3+ years of hands-on information security experience
  • At least 2 years of experience in a SOC (Tier 3/4)
  • Solid knowledge of information security principles and practices
  • Experience with Cloud Computing and technology: AWS, GCP and Azure
  • Experience with implementing and challenging Cloud Security protection and compliance systems, IDS/IPS, Next Gen WAF and more
  • Ability to lead projects such as security controls implementation, designing and maintaining tools and integrations, etc.
  • In-depth understanding of SIEM technology (ELK/Splunk or equivalent)
  • In-depth understanding of IP networking, well-known TCP/IP protocols, network segmentation and network security-related technologies
  • Proven experience in writing Incident Response procedures and triage methodologies
  • Experience with automating security flows (SOAR)
  • Excellent interpersonal skills with the ability to engage and discuss technical and business risk caused by security issues with business and legal partners at all levels
  • Willingness to work in a high-speed, constantly evolving, ever-changing organization and the ability to adapt to a fast-paced working methodology
  • Knowledge of securing/monitoring containerized environments (Docker, K8s) - An advantage
  • Experience with Unix/Linux, or work relating to OS internals or file level forensics
  • Experience with MacOS endpoint protection - An advantage
  • Experience with writing scripts/code - An advantage
  • On-call security support as needed
  • English as a 2nd language
