As a Senior Offensive Security Engineer, at JFrog you will…
Lead, plan, design, and execute Red Team operations, threat modeling, and adversarial simulations against JFrog’s infrastructure, applications, and cloud environments
Drive threat research and intelligence initiatives to stay ahead of emerging cyber threats, attack techniques, and vulnerabilities
Develop and execute advanced attack scenarios to assess security defenses and provide actionable recommendations for improving JFrog’s security posture
Collaborate closely with security engineering, DevOps, and software development teams to implement findings and enhance our defenses
Lead the development of tooling, frameworks, and methodologies to automate and optimize Red Team exercises
Mentor and guide a team of security professionals, fostering a culture of innovation, collaboration, and continuous learning
Participate in incident response when Red Team exercises reveal vulnerabilities, providing expertise on attack techniques, forensics, and post-attack mitigation
Continuously assess and improve security processes, playbooks, and threat detection mechanisms
To be a Senior Offensive Security Engineer, at JFrog you need…
5+ years of experience in offensive security operations, Red Teaming, threat hunting, or threat research
Deep knowledge of attack techniques, TTPs (Tactics, Techniques, and Procedures), adversary simulations, and threat-hunting methodologies
Hands-on experience with Redteam tools, frameworks (e.g., Metasploit, Cobalt Strike, Burp Suite), and custom exploit development
Strong experience with cloud platforms (AWS, GCP, Azure) and containerized environments (Kubernetes, Docker)
Familiarity with MITRE ATT&CK Framework and its application in Red Team and threat-hunting scenarios
Proficiency with scripting and automation languages (Python, PowerShell, Bash) for tool development, threat detection, and attack simulation
Solid understanding of offensive security best practices, vulnerability management, threat detection, and advanced threat analysis
Ability to effectively communicate and collaborate with cross-functional teams, translating complex security concepts into actionable insights
A passion for continuous learning, research, and innovation in the fields of offensive security, threat hunting, and cyber threats