Senior Cloud Security Engineer

** Open to remote within the EST time zone only**

At JFrog, we’re reinventing DevOps to help the world’s greatest companies innovate -- and we want you along for the ride. This is a special place with a unique combination of brilliance, spirit and just all-around great people. Here, if you’re willing to do more, your career can take off. And since software plays a central role in everyone’s lives, you’ll be part of an important mission. Thousands of customers, including the majority of the Fortune 100, trust JFrog to manage, accelerate, and secure their software delivery from code to production -- a concept we call “liquid software.” Wouldn't it be amazing if you could join us in our journey?

As a Senior Cloud Security Engineer, you will lead incident response efforts and integrate security practices into the development lifecycle, enhancing our organization's cybersecurity posture. You will further develop JFrog's Incident Response and Security Operations program to protect our assets now and in the future. We seek an experienced, highly motivated technology leader who embraces the opportunity to influence and advocate for security across the organization.

As a Senior Cloud Security Engineer in JFrog you will... 

• Plan, design, build, and execute JFrog’s security engineering operations, working in an agile environment.
• Identify emerging cybersecurity threats, misconfigurations, and vulnerabilities by conducting continuous monitoring and log analysis related to JFrog Cloud.
• Perform incident triage and handling by determining scope, urgency, and potential impact, identifying specific vulnerabilities, recommending actions for swift remediation, and conducting post-incident reviews to identify lessons learned and areas for improvement.
• Partner with the engineering teams in the company to drive the security mission across the organization.
• Develop, implement, and manage DevSecOps-focused incident response plans, playbooks, standard operating procedures, and security tools and technologies.
• Provide on-call security support as needed.

To be a Senior Cloud Security Engineer in JFrog you need...

• 5+ years of industry experience in security with solid knowledge of cloud security principles and practices.
• Hands-on experience with cloud (AWS/GCP/Azure) preferably with containerized and kubernetes environments.
• Proficiency with cloud security platforms such as CSPM, DSPM, SSPM, and CNAP.
• Hands-on experience with SIEM tools and developing SOAR playbooks.
• Strong understanding and application of the principle of least privilege; experience with workload identity is a plus.
• Experience with vulnerability management and threat detection platforms.
• Proficiency in at least one scripting language (Python, PowerShell, Bash).
• Experience with Endpoint Detection and Response (EDR) solutions.
• Familiarity with DevSecOps principles such as CI/CD or Infrastructure as Code (IaC) is advantageous.
• Knowledge of workload/runtime protection is a significant advantage.

WHAT JFROG CAN OFFER…

• At JFrog, base salary is only one component of our compensation package.
• This position is open to remote candidates who live outside a reasonable commuting distance to the Atlanta location.
• This position has a base salary range between $185,000 to $200,000.  Base salary will be based on your skills, qualifications, experience and location.
• Additionally, this role may be eligible for discretionary bonuses or commission payments.
• This position also includes an equity package of restricted stock units (RSU).  In addition, JFrog employees are eligible to participate in our Employee Stock Purchase Plan.
• JFrog provides employees comprehensive benefits including medical, dental, vision, retirement, wellness and much more!
• JFrog embraces hybrid work: 3 days in office / 2 days remote.

JFrog is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, creed, religion, sex, sexual orientation, national origin or nationality, ancestry, age, disability, gender identity or expression, marital status or any other category protected by law.