IR Security Engineer (BB-996DA)
Found in: Neuvoo IL
Description
We are looking for an IR Security Engineer:
At JFrog, you will have the opportunity to build the future of DevOps for some of the most innovative and successful organizations in the world, including Netflix, Amazon, LinkedIn, Yahoo, Google, SalesForce, Cisco, EA, Spotify, Twitter, Oracle, VMware, and EMC. Beyond any specific perk, what we believe matters most is creating an open and positive work environment where everyone has a voice, and everyone matters.
This is a hands-on role in a dynamic and fast-paced environment. In this role, you will be responsible for responding to security threats facing the company. You will help further develop the incident response program and automation that protects JFrog today and tomorrow. An ideal candidate is an experienced, highly motivated leader who embraces the opportunity to influence and evangelize security across the organization.
If you love working with brilliant people, being part of an energetic team, changing the world of software and you’ve got the technical skills, you might be the perfect Frog to join our Swamp! Come and help us to continue to lead the rapidly evolving space of Continuous Integration and Delivery!
- Ability to analyze data, such as logs or packet captures, from various sources within the enterprise and draw conclusions about past and future security incidents
- In-depth experience with Incident Response (timelining, artifacts, etc.)
- Plan, design, build, and execute JFrog’s security engineering operation
- Lay the foundation for automating security operations by creating playbooks and flows based on the outcomes of security incidents
- Deliver accurate and timely security investigations and responses.
- Document incidents from initial detection through final resolution
- Maintain and expand related information security metrics
- Build and maintain detection and prevention tools and techniques
- Finding and fixing security vulnerabilities
Requirements
- 3+ years of hands-on information security experience
- Experience in a SOC (Tier 3/4) for at least 2 years
- Solid knowledge of information security principles and practices
- Experience with automating security flows (SOAR)
- Proven experience in writing Incident Response procedures and triage methodologies
- Experience with Cloud Computing and technology: AWS, GCP, and Azure
- Knowledge in securing containerized environments (Docker, K8s)
- Ability to lead projects such as implementing security controls, designing and maintaining tools and integrations, etc.
- In-depth understanding of SIEM technology (ELK or equivalent)
- In-depth understanding of IP networking, well-known TCP/IP protocols, network segmentation, and network security-related technologies
- Excellent interpersonal skills with the ability to engage and discuss technical and business risk caused by security issues with business and legal partners at all levels
- Willingness to work at high speed in a constantly evolving, ever-changing organization, and the ability to adapt to a fast-paced working methodology
- Experience with implementing and challenging Cloud Security protection and compliance systems, IDS/IPS, NextGen WAF, and more
- Experience with Unix/Linux, or work relating to OS internals or file-level forensics
- Experience with macOS endpoint protection - An advantage
- Experience with writing scripts/code (Python, Go, Bash) - An advantage
- Strong organizational skills and excellent attention to detail.
- On-call security support as needed
- English as a 2nd language