Cyber Security Incident Response Team Manager, CSIRT
At JFrog, we’re reinventing DevOps to help the world’s greatest companies innovate -- and we want you along for the ride. This is a special place with a unique combination of brilliance, spirit and just all-around great people. Here, if you’re willing to do more, your career can take off. And since software plays a central role in everyone’s lives, you’ll be part of an important mission. Thousands of customers, including the majority of the Fortune 100, trust JFrog to manage, accelerate, and secure their software delivery from code to production -- a concept we call “liquid software.” Wouldn't it be amazing if you could join us in our journey?
We are looking for a hands-on, dynamic and fast paced Cyber Security Incident Response Team Manager, CSIRT. In this role you will be responsible for responding to security threats facing the company. You will help further develop the incident response program and automation that protects JFrog today and tomorrow. An ideal candidate is an experienced, highly motivated leader that embraces the opportunity to influence and evangelize security across the organization.
As a Cyber Security Incident Response Team Manager, CSIRT in JFrog you will…
- Lead a team of high-performing incident responders and engineers
- Plan, design and execute incident response processes, workflow and playbook
- Lead engineering projects that include cloud/SaaS security monitoring, automation, endpoint detection and response, improve security awareness
- Deliver accurate and timely security investigations and responses.
- Document incidents from initial detection through final resolution
- Maintain and expand related information security metrics
- Drive a proactive approach by regularly practicing red and purple team exercises
- Manage On-call security support as needed
- Be responsible for JFrog’s Federal Customers
To be a Cyber Security Incident Response Team Manager, CSIRT in JFrog you need…
- US Citizenship and current residency - A must
- 2+ years in leading an incident response team
- 5+ years information security hands-on experience, preferably as part of SOC/IR (tier 3/4)
- Ability to take decisions and manage critical incidents under pressure.
- Proven experience with investigating cloud security incidents on AWS/GCP/Azure following well-known industry standards/framework/benchmark (MITRE, NIST, CIS or equivalent)
- In-depth understanding of SIEM technology (ELK)
- Proven experience with creating incident response workflows, processes and playbooks with defined SLAs and reflecting it to company’s stakeholders (e.g. Executive management)
- Proven experience with automating security flows (SOAR) and threat intelligence.
- Ability to lead projects such as security controls evaluation and integration
- Knowledge on securing\monitoring containerized environments (Docker, K8s) - An advantage
- Familiarity with multiple regulation and compliance standards such as ISO27001, FedRAMP, FIPS, SOC 2.0, GDPR, HIPAA
- Experience managing a SaaS-based FedRAMP-authorized environment.
- Experience building a Security Operations team knowledgeable of FedRAMP and its requirements.
- Experience identifying and implementing FedRAMP-compliant security solutions.
- Ability to recruit, mentor, lead and build a success path for highly quality team individuals and work as a team.
- Excellent interpersonal skills with the ability to engage and discuss technical and business risk caused by security issues with business and legal partners at all levels