IR Security Engineer
We are looking for an IR Security Engineer:
At JFrog, you will have the opportunity to build the future of DevOps for some of the most innovative and successful organizations in the world, including Netflix, Amazon, LinkedIn, Yahoo, Google, Salesforce, Cisco, EA, Spotify, Twitter, Oracle, VMware, and EMC. Beyond any specific perk, what we believe matters most is creating an open and positive work environment where everyone has a voice, and everyone matters.
This is a hands-on role in a dynamic and fast-paced environment. In this role, you will be responsible for responding to security threats facing the company. You will help further develop the incident response program and automation that protects JFrog today and tomorrow. An ideal candidate is an experienced, highly motivated leader who embraces the opportunity to influence and evangelize security across the organization.
If you love working with brilliant people, being part of an energetic team, and changing the world of software, and you’ve got the technical skills, you might be the perfect Frog to join our Swamp! Come and help us continue to lead the rapidly evolving space of Continuous Integration and Delivery!
- Ability to analyze data, such as logs or packet captures, from various sources within the enterprise and draw conclusions about past and future security incidents
- In-depth experience with Incident Response (timelining, artifacts, etc.)
- Plan, design, build, and execute JFrog’s security engineering operation
- Lay the foundation for automating security operations by creating playbooks and flows based on security incident outcomes
- Deliver accurate and timely security investigations and responses
- Document incidents from initial detection through final resolution
- Maintain and expand related information security metrics
- Build and maintain detection and prevention tools and techniques
- Find and fix security vulnerabilities
Desired Skills and Experience
- 3+ years of hands-on information security experience, preferably as a SOC/IR (tier 3/4) team member (e.g. writing Incident Response procedures and triage methodologies)
- Experience with security principles for cloud computing and technology: AWS, GCP and Azure
- Experience with implementing and challenging Cloud Security protection and compliance systems, IDS/IPS, Next Gen WAF and more
- Ability to lead projects such as security controls implementation, designing and maintaining tools and integrations, etc.
- In-depth understanding of SIEM technology (ELK/Splunk or equivalent)
- Experience with automating security flows (SOAR)
- Willingness to work in a high-speed, constantly evolving, always-changing organization and ability to adapt to a fast-paced working methodology
- Knowledge of securing/monitoring containerized environments (Docker, K8s) - An advantage
- Experience with macOS endpoint protection - An advantage
- Experience with writing scripts/code - An advantage
- Excellent interpersonal skills with the ability to engage and discuss technical and business risk caused by security issues with business and legal partners at all levels
- On-call security support as needed
- English as a 2nd language