Expoint - all jobs in one place

The point where experts and best companies meet

Limitless High-tech career opportunities - Expoint

JFrog Senior Offensive Security Engineer 
Israel, Center District, Kfar Sava 
132187277

24.09.2024

want you along for the ride

As a Senior Offensive Security Engineer, at JFrog you will…
  • Lead, plan, design, and execute Red Team operations, threat modeling, and adversarial simulations against JFrog’s infrastructure, applications, and cloud environments
  • Drive threat research and intelligence initiatives to stay ahead of emerging cyber threats, attack techniques, and vulnerabilities
  • Develop and execute advanced attack scenarios to assess security defenses and provide actionable recommendations for improving JFrog’s security posture
  • Collaborate closely with security engineering, DevOps, and software development teams to implement findings and enhance our defenses
  • Lead the development of tooling, frameworks, and methodologies to automate and optimize Red Team exercises
  • Mentor and guide a team of security professionals, fostering a culture of innovation, collaboration, and continuous learning
  • Participate in incident response when Red Team exercises reveal vulnerabilities, providing expertise on attack techniques, forensics, and post-attack mitigation
  • Continuously assess and improve security processes, playbooks, and threat detection mechanisms
To be a Senior Offensive Security Engineer, at JFrog you need…
  • 5+ years of experience in offensive security operations, Red Teaming, threat hunting, or threat research
  • Deep knowledge of attack techniques, TTPs (Tactics, Techniques, and Procedures), adversary simulations, and threat-hunting methodologies
  • Hands-on experience with Redteam tools, frameworks (e.g., Metasploit, Cobalt Strike, Burp Suite), and custom exploit development
  • Strong experience with cloud platforms (AWS, GCP, Azure) and containerized environments (Kubernetes, Docker)
  • Familiarity with MITRE ATT&CK Framework and its application in Red Team and threat-hunting scenarios
  • Proficiency with scripting and automation languages (Python, PowerShell, Bash) for tool development, threat detection, and attack simulation
  • Solid understanding of offensive security best practices, vulnerability management, threat detection, and advanced threat analysis
  • Ability to effectively communicate and collaborate with cross-functional teams, translating complex security concepts into actionable insights
  • A passion for continuous learning, research, and innovation in the fields of offensive security, threat hunting, and cyber threats