At JFrog, we’re reinventing DevOps to help the world’s greatest companies innovate -- and we want you along for the ride. This is a special place with a unique combination of brilliance, spirit and just all-around great people. Here, if you’re willing to do more, your career can take off. And since software plays a central role in everyone’s lives, you’ll be part of an important mission. Thousands of customers, including the majority of the Fortune 100, trust JFrog to manage, accelerate, and secure their software delivery from code to production -- a concept we call “liquid software.” Wouldn't it be amazing if you could join us in our journey?
We are looking for a Cyber Incident Response manager. In this role you will be responsible for responding to security threats facing the company. You will help further develop the Incident Response program and automation that protects JFrog today and tomorrow.
If you love working with brilliant people, being part of an energetic team, changing the world of software and you’ve got the technical skills, you might be the perfect Frog to join our Swamp! Come and help us to continue to lead the rapidly evolving space of Continuous Integration and Delivery!
As a CSIRT Manager in JFrog you will...
- Lead a team of high-performing incident responders and engineers
- Plan, design, and execute incident response processes, workflow and playbooks with the ability to define and support KPIs incident response operation
- Recruit, mentor, lead, and build a success path for highly quality team individuals
- Lead engineering projects that include cloud/SaaS security monitoring, automation, endpoint detection and response, while improving security awareness
- Deliver accurate and timely security investigations and responses while documenting incidents from initial detection to final resolution
- Drive a proactive approach by regularly practicing red and purple team exercises
To be a CSIRT Manager in JFrog you need...
- 2+ years in leading an Incident Response team
- 5+ years information security hands-on experience, preferably as part of SOC/IR (tier 3/4)
- Ability to take decisions and manage critical incidents under pressure
- Proven experience with investigating cloud security incidents on AWS/GCP/Azure following well-known industry standards/framework/benchmark (MITRE, NIST, CIS or equivalent)
- In-depth understanding of SIEM technology (ELK)
- Proven experience with creating incident response workflows, processes and playbooks with defined SLAs and reflecting it to company’s stakeholders (e.g. Executive management)
- Proven experience with automating security flows (SOAR) and threat intelligence
- Ability to lead projects such as security controls evaluation and integration
- Knowledge on securing\monitoring containerized environments (Docker, K8s) - An advantage
- Excellent interpersonal skills with the ability to engage and discuss technical and business risk caused by security issues with business and legal partners at all levels