As a Cloud SecOps & IR Engineer in JFrog, you will...
Drive key business KPIs
Plan, design, build, and execute JFrog’s security engineering operations
Perform incident triage and handling by determining scope, urgency, and potential impact thereafter identifying the specific vulnerability while recommending actions for quick remediation
Partner with teams in the company to drive holistic and comprehensive fixes for systemic issues
Build and maintain the groups’ domain leadership with the latest technology trends related to DevSecOps Engineering
Identify new security threats by conducting continuous monitoring, vulnerability assessments, and log analysis
Provide on-call security support as needed
To be a Cloud SecOps & IR Engineer in JFrog you need...
5+ years of relevant industry experience in security, solid knowledge of information security principles and practices
Proven experience with attack and mitigation methods in complex cloud environments (AWS/GCP/Azure)
Proven experience with performing risk management and prioritization for leading remediation processes for internal teams (e.g. SREs, DevOps, etc.)
Proven experience designing, tinkering, and tailoring vulnerability management, SaaS security posture/CASB, asset management, and device posture platforms
Proven experience in at least 4 of the following domains: Patch management, SSO/SAML, Secure Access/Zero Trust + 802.1x, Endpoint Protection - EDR XDR, IDM/IAM, Email Protection, Security monitoring and analytics (e.g. ELK/Splunk)
In-depth technical knowledge of IT operating systems and technologies, knowledge in securing containerized environments (Docker, K8s)
Building security tools and processes using your preferred coding language (we mainly use Python or Go) for critical infrastructure protection, monitoring, and remediation